Google has just recently fixed a flaw in its Android OS. The flaw that had been able to allow attackers to take complete control over the victim’s device. As a result, install programs, alter and steal data, or create new accounts with full privileges.
The vulnerability (CVE-2020-0103) was just one of over 30 loopholes found within the Android OS builds. They use older security profiles, and they spread throughout various components of Android that the company resolved in its latest security fix.
The company has reported in a bulletin that “The most severe of these issues is a critical security loophole in the System component that could enable a remote attacker …”.
The tendency for mistreatment and exploitation depends on the privileged status of an application. But it’s according to the Center for Internet Security’s (CIS’s) advisory on the flaw.
Loophole Gateways
These loopholes exploited through an array of gateways, few of which are email, web browsing, and multimedia services (MMS). Also exploited when processing media files, and a host of others, as divulged by the CIS.
This critical flaw was one of eight that Google healed for the System component of Android. The rest of the flaws identified as high-severity, except for a low number, which was deemed moderate.
However,’ so far none of the vulnerabilities patched in the update did not experience any for of exploiting in the wild,’ according to CIS. The company reported that Google also patched a fundamental flaw in Android’s Framework component. Worst of all, one that could enable an attacker to employ arbitrary code within the context of a privileged process, the company showed its concern even as it enlightened its consumer base.
The only other critical vulnerability patched was a security weakness, found in the Qualcomm closed-source components. The rest, however, were classified as high severity.
Google has recommended installing the most recent security patch to Android users but just as a precautionary measure.