Android users have just seen a brand new update get rolled out from Google, and the latest security patch is a hugely important one. The Android security patch which has been released this week fixes 39 vulnerabilities – but one in particular is especially concerning. The flaw, known as CVE-2020-0103, lets hackers completely take over an Android device to install programmes, steal data or create fresh accounts with full privileges.
The vulnerability was highlighted by the Center for Internet Security (CIS) who said the flaw affects Android devices running a security patch released before May 5 2020.
In a post online they said: “Multiple vulnerabilities have been discovered in the Google Android operating system (OS), the most severe of which could allow for remote code execution.”
CIS added: “Successful exploitation of the most severe of these vulnerabilities could allow for remote code execution within the context of a privileged process.
“Depending on the privileges associated with this application, an attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.
- Most terrifying Android warning yet: malware is targeting banking apps
“If this application has been configured to have fewer user rights on the system, exploitation of the most severe of these vulnerabilities could have less impact than if it was configured with administrative rights.”
CIS added that this vulnerability poses a high risk to business, government and home Android users.
They explained the flaw could be exploited in a number of ways, such as via emails, web browsing or when processing media files.
Google rated this flaw as a “critical” vulnerability which has been patched in the security update released on May 5.
Outlining the flaw, and other such issues addressed in the recent download, Google said: “The most severe of these issues is a critical security vulnerability in the System component that could enable a remote attacker using a specially crafted transmission to execute arbitrary code within the context of a privileged process.
“The severity assessment is based on the effect that exploiting the vulnerability would possibly have on an affected device, assuming the platform and service mitigations are turned off for development purposes or if successfully bypassed.”
The post from the Android makers added that service protections such as Google Play Protect “reduce the likelihood that security vulnerabilities could be successfully exploited on Android”.
The news comes as this week Android users were also issued another alert, this time warning about malware that targets extremely sensitive apps.
The EventBot malware is designed to steal crucial details from financial apps such as PayPal, Barclays, CapitalOne UK, Coinbase, TransferWise, and Revolut.
Researchers from Cybereason Nocturnus unearthed the new malware, which first surfaced last month.
The majority of Android apps that were targeted are from the UK, as well as Italy, Germany, and France.
Cybereason believes EventBot has the potential to become a serious threat for Android users in the near future.
This is because “it is under constant iterative improvements, abuses a critical operating system feature, and targets financial applications.”
Source: Read Full Article