Share:

Share via email - Update your phone now! Hackers are pouncing on bugs found in Android Share on Facebook - Update your phone now! Hackers are pouncing on bugs found in Android Share on LinkedIn - Update your phone now! Hackers are pouncing on bugs found in Android Share on X - Update your phone now! Hackers are pouncing on bugs found in Android

Update your phone now! Hackers are pouncing on bugs found in Android

As we got into the swing of spring, we were treated to a showcase of new products and features from Big Tech. Apple and Google recently had their annual events, giving us glimpses of what to expect.

Android 12 is getting prettier and more secure. You can even unlock and start your car with it. Tap or click here for more of what’s coming to Android devices.

Developers constantly update and patch their software to heighten security and add new features. These fixes sometimes reveal vulnerabilities that people were unaware of.

Here’s the backstory

Google’s May 2021 Android security update patched four vulnerabilities that were already under attack. These flaws were previously unknown and had been functioning for some time, making them zero-day flaws.

“There are indications that CVE-2021-1905, CVE-2021-1906, CVE-2021-28663 and CVE-2021-28664 may be under limited, targeted exploitation,” Google wrote in an Android security bulletin earlier this month.

Google Project Zero researcher Maddie Stone tweeted the bulletin update and explained that the vulnerabilities affect Qualcomm and ARM Mali GPUs.

Qualcomm’s report for CVE-2021-1905 reads, “Possible use after free due to improper handling of memory mapping of multiple processes simultaneously.” While CVE-2021-1906 reads, “Possible use after free due to improper handling of memory mapping of multiple processes simultaneously.”

Arm’s report on CVE-2021-28663 states, “A non-privileged user can make improper operations on GPU memory to enter into a use-after-free scenario and may be able to gain root privilege, and/or disclose information.” The description for CVE-2021-28664 states, “A non-privileged user can get a write access to read-only memory, and may be able to gain root privilege, corrupt memory and modify the memory of other processes.”

Who got the fix?

Google’s Pixel and Samsung’s Galaxy S21 smartphones have access to the Android security patch. Those with older phones may not have access to it now or ever.

Regardless, keep your phone updated, as you won’t always know when a fix is coming. If you don’t have access to a major patch within a few months of its release, you may want to consider an upgrade.

How to update your Android device:

  • Open your phone’s Settings app.
  • Near the bottom, tap System > Advanced > System update.
  • Doing this will give you information on your update status.
  • Follow any steps on the screen.

Note: The process of updating your Android device may be different depending on the manufacturer and model. If you need help, check your phone’s manual. Don’t have the manual? Tap or click here for thousands of free online user manuals.

Keep reading

Hey Android users, Google announces 3D calls and new privacy features

5 new Google changes to watch out for

Tags: Apple, security