​Android security: Google details Pixel and Nexus vulnerabilities in December bulletin

Google’s December security bulletin for Pixel and Nexus smartphones lists 42 vulnerabilities that are to be patched in an update.
More security news
NSA employee pleads guilty after stolen classified data landed in Russian hands
Security warning: Don’t use Russian antivirus on secret government systems, says cyber-agency
Security: Making yourself a hard target for hackers is easier than you think
Forgotten password? Samsung’s future phones could retrieve it using your palm
“All supported Google devices will receive an update to the 2017-12-05 patch level. We encourage all customers to accept these updates to their devices,” Google said.
These vulnerabilities are in addition to the bugs listed in Google’s December 2017 Android security bulletin. Google notes that its hardware partners were notified of these issues at least a month ago “and may choose to incorporate them as part of their device updates”.
Of the Nexus and Pixel-specific bugs, five are listed in the media framework, varying between high and moderate criticality, and featuring elevation of privilege and information disclosure risks.
There is one bug in Broadcom components that’s also related to elevation of privilege, nine kernel bugs that involve elevation of privilege and information disclosure (one is high, the rest are moderate), plus one MediaTek-related flaw.
There are also 26 Qualcomm bugs (all moderate) plus four more in closed-source components — three moderate and one critical.
Google’s Android security bulletin for December warns of 47 bugs: 10 of the vulnerabilities are rated ‘critical’ in their potential impact — the most severe type of bugs; the other 37 are rated as ‘high’ priority.Previous and related coverage Android’s big problem: Over a billion devices are more than two years out of date
Android’s rapid growth and update challenges have left over one billion devices running very out of date software.

Android security triple-whammy: New attack combines phishing, malware, and data theft
山东钢铁去亏损近6亿 一季度扭亏
Attacks on three fronts ensure attackers have all the information they need to steal banking details in the latest evolution of the Marcher malware, warn researchers.
Google says these are the best Android apps of 2017 but do you agree?
BYOD和网络恶意代码能给企业带来严重安全威胁,员工和设备在外,企业防火墙控制不住,除非遏制用户不能远程使用移动计算设备,否则要获得安全,最重要是加强用户安全培训。
Google names most popular and best Android apps of the year.Read more on Android security Google names 42 Android devices with users running security updates from last two monthsAndroid Oreo: Google adds in more Linux kernel security featuresGoogle Play Protect rolling out to Android devices for better securityAmazon’s app store compromises Android securityMost Android users running outdated security patches: report (CNET)iOS and Android security: A timeline of the highlights and the lowlights (TechRepublic)
Related Topics:
Google
Security TV
Data Management
企业内部网安全问题已经成为当前各企业网络建设中不可忽视的首要问题,企业内部网络的安全问题,不仅是设备,技术的问题,更是管理的问题。

猜您喜欢

中国航天科工发布“天玥”系列移动计算产品
移动支付中间人攻击防范
网络安全法动漫宣传片 002 国家网络安全的现状与重要性概述
视频:全新2018宝马Z4来袭,这是要碾压奔驰奥迪的节奏!
REWRITEASSISTANT MYDEATHSPACE
EHS培训计划的制定与培训策略的创新性选择