AI DevwWrld CyberDSA Chatbot Summit Cyber Revolution Summit CYSEC Global Cyber Security & Cloud Expo World Series Digital Identity & Authentication Summit Asian Integrated Resort Expo Middle East Low Code No Code Summit TimeAI Summit

Android: fixed 37 vulnerabilities with the november 2023 update

Improved mobile device defense with the integration of critical security fixes

Google has released security updates for Android, fixing 37 vulnerabilities. A flaw in the system allowed information disclosure, but was fixed along with other flaws.

This pill is also available in Italian language

Google has released security updates for Android that fix 37 vulnerabilities, including a critical information disclosure vulnerability. The update, delivered in a patch called 2023-11-01, focuses on 15 flaws in Android's Framework and System components, specifically addressing a critical vulnerability in the System component that could allow information disclosure without additional privileges.

Critical vulnerability details

The main vulnerability, identified as CVE-2023-40113, affects Android versions 11, 12, 12L and 13. It has been fixed along with six other issues in the System component classified as 'high severity'. An additional 14 vulnerabilities addressed by the patch are also considered high severity and could lead to privilege escalation, information disclosure, and denial of service.

Additional security patches for Android components

The second set of November 2023 updates, labeled security patch level 2023-11-05, addresses 22 flaws in components supplied by Arm, MediaTek, and Qualcomm. Devices running the 2023-10-05 security patch level already include fixes for all vulnerabilities mentioned in previous security bulletins, including the November 2023 update.

Security measures specific to Pixel devices and other platforms

This round of updates also includes fixes to eight vulnerabilities specific to Google's Pixel devices, with issues affecting the kernel, WLAN components, and Qualcomm components. For Pixel devices, a security patch level dated 2023-11-01 or later is sufficient to mitigate these risks. Google has not released specific updates for Wear OS and Automotive OS this month, as those platforms are protected by the patches already mentioned. At the moment, there are no reports that these vulnerabilities have been exploited in malicious attacks.

Follow us on Telegram for more pills like this

11/07/2023 13:51

Editorial AI

Last pills

Serious vulnerability discovered in Rabbit R1: all user data at riskVulnerability in Rabbit R1 exposes sensitive API keys. What are the privacy risks?

Cyber attack in Indonesia: the new Brain Cipher ransomware brings services to their kneesNew ransomware hits Indonesia: learn how Brain Cipher crippled essential services and the techniques used by hackers

Patelco Credit Union: security incident halts customer services in CaliforniaService disruption and customer frustration: Patelco Credit Union works to resolve security incident

Cyber attack on TeamViewer: immediate response and investigations underwayStrengthened security measures and international collaborations to counter the cyber threat