SECURITY GUIDANCE - Google releases multiple patches for Android OS

Overview

Google have released a number of patches for vulnerabilities within the Android Operating System. The most severe of these issues is a high security vulnerability in the Media Framework component that could enable a local malicious application to bypass operating system protections that isolate application data from other applications.

Impact

The most severe of these vulnerabilities could allow for remote code execution on affected devices.

Are my systems vulnerable?

An Android device is vulnerable if its security patch level is lower than 2021-08-05.

Affected Products

Android is an operating system developed by Google for mobile devices, including, but not limited to, smartphones, tablets, and watches. While some, such as mobile phones, can be updated via MDM solutions, others, such as smart TVs, vehicle entertainment systems, and other IoT/OT technologies, are often overlooked.

Vulnerability Detection

An Android device is vulnerable if its security patch level is lower than 2021-08-05.
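
The check above can be run across an asset list. The script below is an added example, not part of the original bulletin: it classifies each reported patch level against 2021-08-05 and reports devices with a missing or malformed value as UNKNOWN rather than as patched. The function names, the `device_id,patch_level` CSV layout and the inventory rows are assumptions constructed for illustration.

```shell
#!/bin/sh
# Added example. Inventory rows are constructed sample data.
REQUIRED_LEVEL="2021-08-05"   # threshold stated in this bulletin

# Print PATCHED, VULNERABLE or UNKNOWN for one patch-level string.
classify_patch_level() {
    lvl=$1
    # Only YYYY-MM-DD is accepted; empty or free-text values are UNKNOWN
    # so an unreported device is never counted as patched.
    case $lvl in
        [0-9][0-9][0-9][0-9]-[0-9][0-9]-[0-9][0-9]) ;;
        *) echo UNKNOWN; return 0 ;;
    esac
    # Zero-padded dates compare as integers once dashes are removed.
    have=$(printf '%s' "$lvl" | tr -d '-')
    need=$(printf '%s' "$REQUIRED_LEVEL" | tr -d '-')
    if [ "$have" -lt "$need" ]; then echo VULNERABLE; else echo PATCHED; fi
}

# Read one attached device's level (needs adb; not called below).
device_patch_level() {
    adb -s "$1" shell getprop ro.build.version.security_patch
}

# stdin: CSV "device_id,patch_level". Prints every device that is not
# confirmed patched, as "STATUS device_id reported_level".
audit_inventory() {
    while IFS=, read -r device level || [ -n "$device" ]; do
        level=$(printf '%s' "$level" | tr -d '\r')   # tolerate CRLF exports
        if [ -z "$device" ] || [ "$device" = "device_id" ]; then continue; fi
        status=$(classify_patch_level "$level")
        if [ "$status" != PATCHED ]; then
            printf '%s %s %s\n' "$status" "$device" "${level:-<none>}"
        fi
    done
}

sample_inventory() {   # constructed MDM/asset export
cat <<'EOF'
device_id,patch_level
phone-014,2021-08-05
tablet-203,2021-07-01
tv-lobby,2019-11-01
headunit-7,
watch-55,unknown
EOF
}

sample_inventory | audit_inventory
```

UNKNOWN rows are the devices to chase first, since they are typically the unmanaged TVs, head units and IoT/OT devices that no MDM reports on.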

Containment, Mitigations & Remediations

Apply the appropriate updates from Google Android or mobile carriers to vulnerable systems immediately after appropriate testing.
Remind users to only download applications from trusted vendors in the Play Store.
Remind users not to visit untrusted websites or follow links provided by unknown or untrusted sources.
Inform and educate users regarding threats posed by hypertext links contained in emails or attachments, especially from untrusted sources.

Indicators of Compromise

There are no IoCs available at this time.

Threat Landscape

There are currently no reports of these vulnerabilities being exploited in the wild. However, given the types of vulnerability associated with the patch set (Remote Code Execution (RCE), Elevation of Privilege (EoP), and Information Disclosure (ID)), it is likely that these patches are a result of recent disclosures pertaining to the NSO Group and subsequent device analysis.

Further Information

Center for Internet Security
Android Security Bulletin