Security Patchday: Google closes critical gaps in pixel devices

Major security updates include several vulnerabilities in the Android system and third-party components.

Security Patchday: Google closes critical gaps in pixel devices

Owners of Pixel Series Google smartphones and tablets should make sure their devices are up to the current patch level of 2019-05-05. Otherwise, in some cases, attackers could attack devices remotely with relatively little effort, and in the worst case, take over.

Read More Stories: Developer Search Engines: Elastic Introduces Beta to the New Enterprise Search

In a security warning, Google lists the vulnerabilities. In it, they also assure that they have not yet observed any attacks on the vulnerabilities. For example, ” critical ” vulnerabilities can be found in the Media Framework, in the system, and in third-party components such as Broadcom and Nvidia.

To exploit this, an attacker must, for example, accuse a victim of a manipulated media file that the victim has to open. This vulnerability can be found in the Media Framework Stagefright. For years, there is hardly an Android patchday that does not involve any stagefright gaps. For some attacks, an attacker needs local access to a device.

Read More Stories: VPN : First trial version of Wireguard for Windows available

Nexus devices have received no security updates since the end of last year – the support has expired. For Google’s current Pixel series, this will be the case for the first devices in October 2019.

Globally, the distribution of current and secured versions of Android is a disaster. This malady has now improved somewhat, as well as Google now about LG, Huawei and Nokia monthly security patches (see box on the right) for at least some Android devices publish.

Read More Stories: WhatsApp develops its digital payments. Testing starts in London

Google claims to notify manufacturers of security vulnerability details a month prior to release. The source code of patches is in the Android Open Source Project (AOSP).