Headline

Google, 4 months of Android monthly security patches published critical has 13 reviews

Google in 2020 4 on Android security updates 4 November 5 [local time]to the public. Annual and updates 2020-04-01 and 2020-04-05 of 2 times only.

【Mom】Google, 3 months of Android monthly security patches published critical of 17

This, of severity critical are classified as the ones that are 13 items, but this is the last month of 17 items followed a lot of fixes and such. Of these, the most serious a high degree of 2020-04-01 of system components contained in 4 reviews, a remote attacker sending a specially crafted file, use the privileged within the context of the execution of arbitrary code as the possibility that there is a vulnerability about you[CVE-2020ー0070~0073].

Other severity is classified into the vulnerability of the amendments, the Qualcomm components related 1. reviews,Qualcomm closed about the component of 8 today.

■2020-04-01 level security patch details

This section is said at the beginning, the system components, the severity of the fall to a critical vulnerability fixes, including the framework,the media framework,the system of the 3 genres total of 12 out of fixing the vulnerability is performed.

●The framework relates to

A total of 6 reviews, out severity high total 5,in 1 today. The most serious vulnerability, a malicious local application on the user’s operation to bypass an additional gain access as well. The corresponding Android version, the CVE-2020ー0080 and CVE-2020-0082 is 10, the other 4 is 8. From 0 to 10 as well.

●Media framework relates to

2 in severity is high. Is this vulnerability a local attacker if a specially crafted file, using a privileged process within the context of the execution of arbitrary code is a possibility that that there. The corresponding Android version is 9 and 10.

●System information

4 in severity is critical. Mentioned at the beginning,a remote attacker sending a specially crafted file using privileged within the context of the execution of arbitrary code as the possibility that there is a vulnerability response[CVE-2020-0070~0073]. The corresponding Android version is 8. 0~10.

■2020-04-05 level security patch details

In this section, frameworks, kernel components, FPC component, the Qualcomm components to,Qualcomm closed component 5 genre total of 43 items of vulnerability to correction is performed. Out of this, the severity crit, but Qualcomm components 1. reviews,Qualcomm closed components to 8 exist.

This month is also the Qualcomm-related vulnerability fixes, because a lot of the company’s SOC with a model to be used by people who need attention would.

●The framework relates to

1 in the severity is high. A local attacker can gain sensitive with a high degree of access to the data is done: vulnerability response[CVE-2019-2056]. The corresponding Android version is 10.

●The kernel components related to

3 in severity is either high. The breakdown is the USB input driver,USBHID driver,audio sub-system of 3 species. In this section, the most serious a high degree of vulnerability,a local attacker could specially-crafted USB device, using a privileged process within the context of the arbitrary code can be run as one.

●FPC component relates to the

This section is a fingerprint authentication component in 3 cases,severity is 1 is high, and the remaining 2 had moderate and have. This just severity high vulnerability, a malicious local application on the user’s operation to bypass and additional access to get another[CVE-2020-0076].

●Qualcomm components related to

6 in severity is critical is 1 day,the remaining 5 were high as well. This is of severity critical have been separated into a WLAN problem[CVE-2019-14131], and the other 5. reviews audio, camera, kernel, video and WLAN on the Internet. This section of the vulnerability for more information about customary by Qualcomm directly from the provided.

●Qualcomm closed about the component to

A total of 30. The severity is 8 were critical, and the remaining 22 were high as well. This section also vulnerability information is directly from Qualcomm that is provided.

4 June,domestic Corona ominous by the emergency Declaration is not it. Each company is home-based remote work such as the introduction of the is becoming increasingly popular to.

In such a situation, use of equipment, safety is a great challenge, this time on Android devices for the vulnerabilities fixed is not limited to the home network and each device type of the safety about this opportunity to 1 degree size review we recommend that you do. [Article: kurishobo・The article list to look at]


Source link

Show More

Leave a Reply

Your email address will not be published. Required fields are marked *

Back to top button
Close
Close