公告:

Google patches multiple Android high-risk vulnerabilities

作者:整理砖家 / 时间:1年前 (2019/04/03) / 分类:互联网 / 阅读:4513 / 评论:0

Google released a security bulletin on April 1 to fix a number of high-risk vulnerabilities in Android.

 Google patches multiple Android high-risk vulnerabilities 百度资讯 综合其他问题 搜索热点问题 网络新鲜事 互联网 第1张

Major Android vendors, including Samsung, Pixel and LG, have received notifications at least a month before the announcement. Within 48 hours after the announcement, Google will also release the source code of the security patch to the Android Open Source Project (AOSP) repository.

Among them, the highest level of risk is a serious security vulnerability in the media framework (media framwork), which allows an attacker to transfer the changed file to remotely execute arbitrary code with permissions. Both CVE-2019-2027 and CVE-2019-2028 are included in this media framework.

 Google patches multiple Android high-risk vulnerabilities 百度资讯 综合其他问题 搜索热点问题 网络新鲜事 互联网 第2张

Some of the vulnerabilities in the Android framework where CVE-2019-2026 is located allow local attackers to gain additional privileges through user interaction. The remaining items are in the running system, where a critical vulnerability could allow a local malicious application to gain access to arbitrary code.

 Google patches multiple Android high-risk vulnerabilities 百度资讯 综合其他问题 搜索热点问题 网络新鲜事 互联网 第3张

Currently, the security patch level of 2019-04-01 or later has resolved the issue. Google is expected to release a second wave of security patches on April 5th to resolve any issues related to it. Users can check and update the Android version to check the security patch level of the device.


推荐阅读:

和大家聊聊关于百度云加速和cloudflare的关系

Linux操作系统有什么吸引力,在程序员中如此受欢迎?

微信出行权益限时体验 领各类优惠券和会员周卡

  • QQ群
  • 微信公众号