Warning: Undefined array key "HTTP_ACCEPT_LANGUAGE" in /home/u596154002/domains/usbusinessreviews.com/public_html/wp-includes/load.php on line 2057

Notice: Function _load_textdomain_just_in_time was called incorrectly. Translation loading for the rank-math domain was triggered too early. This is usually an indicator for some code in the plugin or theme running too early. Translations should be loaded at the init action or later. Please see Debugging in WordPress for more information. (This message was added in version 6.7.0.) in /home/u596154002/domains/usbusinessreviews.com/public_html/wp-includes/functions.php on line 6114
Android’s September security update fixes actively exploited zero-day and more - Best Business Review Site 2024

Android’s September security update fixes actively exploited zero-day and more

[ad_1]

Man holding phone

Dean Mitchell/Getty Images

Google releases monthly security updates for Android. Every so often those updates include patches for issues that have been assigned the highest severity rating. 

In its most recent security bulletin, Google announced that there is evidence that CVE-2023-35674, rated High severity, “may be under limited, targeted exploitation.”

Also: Google just gave Android’s most frustrating widget an AI facelift, and it’s a relief

This particular issue is a zero-day vulnerability, which means it was previously unknown to anyone capable of fixing it and, until developers can mitigate the issue, threat actors can exploit it.

This zero-day vulnerability makes it possible for bad actors to escalate privileges without requiring user interaction.

Before you get too concerned, there are a couple of things to note. First, a vulnerability marked High is not the most severe issue. Critical is worse than High (more on that in a bit). 

The second thing is that privilege escalation is not unfamiliar territory for Android. I’ve been covering Android for well over a decade and I’ve seen similar vulnerabilities come and go like clockwork. The good news is that Google is very good at finding and patching them.

The bad news is that you’ll have to wait until Google releases the September security update until your Android device is patched against the vulnerability. 

Also: Why I no longer use third-party Android launchers

Another bit of good news is that your Android device will let you know when the update is ready for your phone and the only thing you’ll have to do is restart the device when prompted. You should immediately do so as soon as you see the notification popup.

If you are unsure as to what security patch your phone has, go to Settings > System > System Update, where you’ll see both the version of Android on your device and the security update that has been applied. On my Pixel 7 Pro, I’m still on the August security update but I assume the September update should be available any day.

As far as the rest of the September security update, there are three vulnerabilities marked Critical, which are as follows (listed by CVE, Reference Type, Severity, and Android version):

RCE (Remote Code Execution) vulnerabilities are of particular concern because they make it possible for threat actors to execute malicious code without having direct access to your device.

For September, Google has issued not one but two sets of patches but only the second patch (2023-09-05) addresses all of the security issues found in the security bulletin as well as patches for third-party, proprietary code (such as a bug found in the Qualcomm WLAN firmware).

Also: Google’s next Pixel hardware event will be on October 4, and it’s go big or go home

One thing to keep in mind is that if you have a non-Pixel phone, the September security patch will arrive on your device a bit later. That’s because Google sends the patches to the OEMs and they then have to test and tune the patches for their hardware. So, if you have a Samsung, Huawei, OnePlus, Nothing, or another Android phone that’s not from Google, you’ll have to wait a bit longer for the patch to arrive.

Either way, as soon as you see that update appear on your Android device (whoever the manufacturer may be), apply it immediately.



[ad_2]

Source link

slot gacor slot gacor togel macau slot hoki bandar togel slot dana slot mahjong link slot link slot777 slot gampang maxwin slot hoki slot mahjong slot maxwin slot mpo slot777 slot toto slot toto situs toto toto slot situs toto situs toto situs toto situs toto slot88 toto slot slot gacor thailand slot bet receh situs toto situs toto slot toto slot situs toto situs toto situs toto situs togel macau toto slot slot demo slot pulsa slot pragmatic situs toto deposit dana 10k surga slot toto slot link situs toto situs toto slot situs toto situs toto slot777 slot gacor situs toto slot slot pulsa 10k toto togel situs toto slot situs toto slot gacor terpercaya slot dana slot gacor pay4d agen sbobet kedai168 kedai168 deposit pulsa situs toto slot pulsa situs toto slot pulsa situs toto situs toto situs toto slot dana toto slot situs toto slot pulsa toto slot situs toto slot pulsa situs toto situs toto situs toto toto slot toto slot slot toto akun pro maxwin situs toto slot gacor maxwin slot gacor maxwin situs toto slot slot depo 10k toto slot toto slot situs toto situs toto toto slot toto slot toto slot toto togel slot toto togel situs toto situs toto toto slot slot gacor slot gacor slot gacor situs toto situs toto cytotec toto slot situs toto situs toto toto slot situs toto situs toto slot gacor maxwin slot gacor maxwin link slot 10k slot gacor maxwin slot gacor slot pulsa situs slot 10k slot 10k toto slot toto slot situs toto situs toto situs toto bandar togel 4d toto slot toto slot situs toto