本文作者:整理砖家

Google patches multiple Android high-risk vulnerabilities

整理砖家 8个月前 ( 04-03 ) 3818
摘要: Google released a security bulletin on April 1 to fix a number of high-risk vulnerabilitie...

Google released a security bulletin on April 1 to fix a number of high-risk vulnerabilities in Android.

 Google patches multiple Android high-risk vulnerabilities 百度资讯 综合其他问题 搜索热点问题 网络新鲜事 互联网 百度资讯 综合其他问题 搜索热点问题 网络新鲜事 互联网 第1张

Major Android vendors, including Samsung, Pixel and LG, have received notifications at least a month before the announcement. Within 48 hours after the announcement, Google will also release the source code of the security patch to the Android Open Source Project (AOSP) repository.

Among them, the highest level of risk is a serious security vulnerability in the media framework (media framwork), which allows an attacker to transfer the changed file to remotely execute arbitrary code with permissions. Both CVE-2019-2027 and CVE-2019-2028 are included in this media framework.

 Google patches multiple Android high-risk vulnerabilities 百度资讯 综合其他问题 搜索热点问题 网络新鲜事 互联网 百度资讯 综合其他问题 搜索热点问题 网络新鲜事 互联网 第2张

Some of the vulnerabilities in the Android framework where CVE-2019-2026 is located allow local attackers to gain additional privileges through user interaction. The remaining items are in the running system, where a critical vulnerability could allow a local malicious application to gain access to arbitrary code.

 Google patches multiple Android high-risk vulnerabilities 百度资讯 综合其他问题 搜索热点问题 网络新鲜事 互联网 百度资讯 综合其他问题 搜索热点问题 网络新鲜事 互联网 第3张

Currently, the security patch level of 2019-04-01 or later has resolved the issue. Google is expected to release a second wave of security patches on April 5th to resolve any issues related to it. Users can check and update the Android version to check the security patch level of the device.


推荐阅读:

任正非:欧美一定会买我们的产品 华为今年营收至少增20%

「通知」.com/.net域名从2019年1月1日起涨价啦

研究表明:推迟上课时间有助于改善弱势学生的成绩

文章投稿或转载声明:

来源:里维斯社版权归原作者所有,转载请保留出处。本站文章发布于 8个月前 ( 04-03 )
温馨提示:文章内容系作者个人观点,不代表我爱技术网对其观点赞同或支持。