AI DevwWrld Chatbot Summit Cyber Revolution Summit CYSEC Global Cyber Security & Cloud Expo World Series Digital Identity & Authentication Summit Middle East Low Code No Code Summit TimeAI Summit

Android: fixed 37 vulnerabilities with the november 2023 update

Improved mobile device defense with the integration of critical security fixes

Google has released security updates for Android, fixing 37 vulnerabilities. A flaw in the system allowed information disclosure, but was fixed along with other flaws.

Contribute to spreading the culture of prevention!
Support our cause with a small donation by helping us raise awareness among users and companies about cyber threats and defense solutions.

This pill is also available in Italian language

Google has released security updates for Android that fix 37 vulnerabilities, including a critical information disclosure vulnerability. The update, delivered in a patch called 2023-11-01, focuses on 15 flaws in Android's Framework and System components, specifically addressing a critical vulnerability in the System component that could allow information disclosure without additional privileges.

Critical vulnerability details

The main vulnerability, identified as CVE-2023-40113, affects Android versions 11, 12, 12L and 13. It has been fixed along with six other issues in the System component classified as 'high severity'. An additional 14 vulnerabilities addressed by the patch are also considered high severity and could lead to privilege escalation, information disclosure, and denial of service.

Additional security patches for Android components

The second set of November 2023 updates, labeled security patch level 2023-11-05, addresses 22 flaws in components supplied by Arm, MediaTek, and Qualcomm. Devices running the 2023-10-05 security patch level already include fixes for all vulnerabilities mentioned in previous security bulletins, including the November 2023 update.

Security measures specific to Pixel devices and other platforms

This round of updates also includes fixes to eight vulnerabilities specific to Google's Pixel devices, with issues affecting the kernel, WLAN components, and Qualcomm components. For Pixel devices, a security patch level dated 2023-11-01 or later is sufficient to mitigate these risks. Google has not released specific updates for Wear OS and Automotive OS this month, as those platforms are protected by the patches already mentioned. At the moment, there are no reports that these vulnerabilities have been exploited in malicious attacks.

Follow us on Telegram for more pills like this

11/07/2023 13:51

Editorial AI

Last pills

LockBit's response to FBI actionsLockBit's technological revenge: post-attack updates and awareness

LockBit's tenacious activity despite global investigationsChallenges and countermeasures in the war against the LockBit cyber criminal group

Avast fined for illegitimate sale of web dataFines and restrictions imposed on cybersecurity company for misuse of personal data

KeyTrap: DNSSEC flaw discovered by researchersThe vulnerability puts the stability of DNSSEC at risk