New vulnerabilities on Android
14/Feb/2019Vulnerabilities
New vulnerabilities on Android
14/Feb/2019Vulnerabilities
In the new February updates Google fixes 42 vulnerabilities affecting Android operating systems. Although Google's android partners were notified about these problems, updates to the devices' operating systems are left to the manufacturers' developers, who Google claims were notified at least one month in advance..

The most relevant vulnerabilities
In the update report, they are based on failures of the following software components:
- Framework (CVE-2019-1986, CVE-2019-1987, CVE-2019-1988): Vulnerabilities that allow attackers to execute remote code in a privileged manner through a manipulated image in PNG format..
- Libraries (CVE-2017-17760): Remote code execution as a non-privileged process via a malicious file.
- Kernel (CVE-2018-10879, CVE-2019-1999, CVE-2019-2000, CVE-2019-2001): Remote code execution that allows a malicious application to execute code as a privileged process (EoP)..
On the other hand it is not yet known that a mobile device has been compromised by this vulnerability, there is no doubt that there are many attack vectors through which this type of images can be distributed. There is a vast number of devices running Andorid Oreo and Nougat versions..
Related Articles
Sofistic obtains the new Microsoft Solutions Partner Security Certification
After obtaining Microsoft solutions Partner Modern Work, Sofistic has recently obtained the Microsoft Solutions Partner Security certification, demonstrating the successful adaptation to the new requirements established by the technological giant. One of the first...
Sofistic ranks among Microsoft’s top partners with Modern Work certification
Sofistic, among Microsoft’s top Modern Work Certified partners
Sofistic grows 114% in revenues, leading Cuatroochenta’s organic growth
Sofistic leads the organic growth of Cuatroochenta, its parent company, with unit revenue growth of 114%.
0 Comments