Android users often hear alerts about dangerous new Google Play Store apps or malware to avoid. And with warnings coming left, right and centre, it’s easy to begin to glaze over a little when the next ‘red alert’ comes along. However, the latest Android alert is one Google fans cannot take lightly. Trust us.
The latest warning comes from the horse’s mouth – Google, the company that owns and develops Android. The Californian search company revealed this week the existence of four Android new vulnerabilities out in the wild that bad actors know about – and have been actively exploiting.
All four of these vulnerabilities allow threat actors to execute malicious code to take complete control of an Android device. The reason this latest alert is so important for Android users to take heed of is such exploits are a rarity. As reported by Threatpost, since 2014, there have only been six Android bugs to be exploited in the wild.
This means the four vulnerabilities announced this week make up two-thirds of all zero-day threats that Android users have faced since 2014. Yikes.
In 2020, Google only disclosed one zero-day Android vulnerability, according to security firm Zimperium. The latest security threat was revealed by Google in an update to its May security bulletin on Wednesday. The post, originally published on May 3, highlighted 50 vulnerabilities that Android users needed to be aware of. And in the latest update to the bulletin, Google said there were “indications” four of these “may be under limited, targeted exploitation.”
Maddie Stone, the security researcher with Google’s Project Zero, also added on Twitter: “Android has updated the May security with notes that 4 vulns were exploited in the wild”. All four of these vulnerabilities could allow hackers to take complete control of an Android device, with all of them affecting GPU firmware code. Two can affect the ARM Mali GPU driver, while the other two impact the Qualcomm Snapdragon CPU graphics component.
Asaf Peleg, the VP of strategic projects at Zimperium, told ArsTechnica that a successful exploit of these vulnerabilities “would give complete control of the victim’s mobile endpoint”.
Peleg added: “From elevating privileges beyond what is available by default to executing code outside of the current process’s existing sandbox, the device would be fully compromised, and no data would be safe.”
Android phones that use ARM- or Qualcomm-branded GPUs are the only ones affected by the vulnerability. It’s unclear exactly how attackers would take advantage of such a flaw. After all, Google keeps quiet about exactly
But what is for certain is that Android users should make sure they download the May 2021 security update, which addresses these vulnerabilities, as soon as it becomes available to them.
Published at Sat, 22 May 2021 02:00:00 +0000