AI DevwWrld Chatbot Summit Cyber Revolution Summit CYSEC Global Cyber Security & Cloud Expo World Series Digital Identity & Authentication Summit Asian Integrated Resort Expo Middle East Low Code No Code Summit TimeAI Summit

Android: fixed 37 vulnerabilities with the november 2023 update

Improved mobile device defense with the integration of critical security fixes

Google has released security updates for Android, fixing 37 vulnerabilities. A flaw in the system allowed information disclosure, but was fixed along with other flaws.

This pill is also available in Italian language

Google has released security updates for Android that fix 37 vulnerabilities, including a critical information disclosure vulnerability. The update, delivered in a patch called 2023-11-01, focuses on 15 flaws in Android's Framework and System components, specifically addressing a critical vulnerability in the System component that could allow information disclosure without additional privileges.

Critical vulnerability details

The main vulnerability, identified as CVE-2023-40113, affects Android versions 11, 12, 12L and 13. It has been fixed along with six other issues in the System component classified as 'high severity'. An additional 14 vulnerabilities addressed by the patch are also considered high severity and could lead to privilege escalation, information disclosure, and denial of service.

Additional security patches for Android components

The second set of November 2023 updates, labeled security patch level 2023-11-05, addresses 22 flaws in components supplied by Arm, MediaTek, and Qualcomm. Devices running the 2023-10-05 security patch level already include fixes for all vulnerabilities mentioned in previous security bulletins, including the November 2023 update.

Security measures specific to Pixel devices and other platforms

This round of updates also includes fixes to eight vulnerabilities specific to Google's Pixel devices, with issues affecting the kernel, WLAN components, and Qualcomm components. For Pixel devices, a security patch level dated 2023-11-01 or later is sufficient to mitigate these risks. Google has not released specific updates for Wear OS and Automotive OS this month, as those platforms are protected by the patches already mentioned. At the moment, there are no reports that these vulnerabilities have been exploited in malicious attacks.

Follow us on Twitter for more pills like this

11/07/2023 13:51

Editorial AI

Last pills

Data breach: 560 million users involvedHow to protect yourself from the consequences of a major data breach

Ransomware attack on Synnovis: London health services in crisisSevere disruption to pathology and diagnostic services in London

A new LPE exploit for Windows for sale in the undergroundA new local privilege escalation threat for Windows in the underground forums

Critical failure in Check Point VPN solutions: risks and security measuresExposure of enterprise systems: urgent updates and patches to protect networks