IT Pro is supported by its audience. When you purchase through links on our site, we may earn an affiliate commission. Learn more
In-depth

Google fixes 78 vulnerabilities in Android

Tech giant patches flaw that let hackers take over your phone

A red Android mascot

Google has fixed a whopping 78 vulnerabilities in its Android operating system in its latest security bulletin.

The firm's Android October Security Bulletin, which this month addresses 31 more security flaws than last month's, is spread across two different patch levels.

"These patch levels organise security flaws based on the components they affect, with the 2016-10-01 security patch level' affecting core Android services, drivers, and components that all smartphone vendors must address with high priority," Google said in the bulletin.

Meanwhile, the second 2016-10-05 security patch level' addresses issues in selected drivers and components that only some OEMs deploy with their Android versions, and smartphone vendors are required to implement only if they use those components.

The most severe of the issues patched were critical security vulnerabilities in device-specific code that could enable remote code execution, leading to "the possibility of a local permanent device compromise", Google said. Affected devices might have require reflashing the operating system to repair the device.

"We have had no reports of active customer exploitation or abuse of these newly reported issues," Google said, advising that those concerned should refer to the Android and Google service mitigations section for details on the Android security platform protections, such as SafetyNet, which improve the security of the Android platform.

Alongside the bulletin, Google also released a security update to Nexus devices through an over-the-air (OTA) update. Within this, Google said it has released the Nexus firmware images to the Google Developer site, and the Security Patch Levels of October 05, 2016 or later address these issues.

Supported Nexus devices will receive a single OTA update with the 5 October, 2016 security patch level, Google said.

Featured Resources

Join the 90% of enterprises accelerating to the cloud

Business transformation through digital modernisation

Free Download

Delivering on demand: Momentum builds toward flexible IT

A modern digital workplace strategy

Free download

Modernise the workforce experience

Actionable insights and an optimised experience for both IT and end users

Free Download

The digital workplace roadmap

A leader's guide to strategy and success

Free Download

Recommended

RATDispenser evades nine in ten anti-virus engines
Security

RATDispenser evades nine in ten anti-virus engines

24 Nov 2021
Hackers use Linux backdoor on compromised e-commerce sites with software skimmer
malware

Hackers use Linux backdoor on compromised e-commerce sites with software skimmer

19 Nov 2021
Out-of-hours ransomware attacks have a greater impact on revenue
ransomware

Out-of-hours ransomware attacks have a greater impact on revenue

18 Nov 2021
Millions of routers and NAS devices vulnerable to BotenaGo malware
malware

Millions of routers and NAS devices vulnerable to BotenaGo malware

12 Nov 2021

Most Popular

Raspberry Pi launches next-gen Pico W microcontroller with networking support
Hardware

Raspberry Pi launches next-gen Pico W microcontroller with networking support

1 Jul 2022
Universities are fighting a cyber security war on multiple fronts
cyber security

Universities are fighting a cyber security war on multiple fronts

4 Jul 2022
Hackers claim to steal personal data of over a billion people in China
data breaches

Hackers claim to steal personal data of over a billion people in China

4 Jul 2022