Google has launched the Android October safety updates, addressing 41 vulnerabilities, all ranging between excessive and significant severity.
On the fifth of every month, Google releases the whole safety patch for the Android OS which comprises each the framework and the seller fixes for that month. As such, this replace additionally incorporates fixes for the ten vulnerabilities that have been addressed within the Safety patch stage 2021-10-01, launched a few days again.
The high-severity flaws fastened this month concern denial of service, elevation of privilege, distant code execution, and data disclosure points.
The three essential severity flaws within the set are tracked as:
- CVE-2021-0870: Distant code execution flaw in Android System, enabling a distant attacker to execute arbitrary code inside the context of a privileged course of.
- CVE-2020-11264: Crucial flaw affecting Qualcomm’s WLAN part, in regards to the acceptance of non-EAPOL/WAPI frames from unauthorized friends obtained within the IPA exception path.
- CVE-2020-11301: Crucial flaw affecting Qualcomm’s WLAN part, in regards to the acceptance of unencrypted (plaintext) frames on safe networks.
Crucial however unexploited
Not one of the 41 flaws addressed this month have been reported to be underneath lively exploitation within the wild, so there ought to be no working exploits for them circulating on the market.
Older units which might be not supported with safety updates now have an elevated assault floor, as a few of the vulnerabilities fastened this month are glorious candidates for menace actors to create working exploits sooner or later.
Bear in mind, Android safety patches aren’t certain to Android variations, and the above fixes concern all variations from Android 8.1 to Android 11. As such, the OS model isn’t a figuring out think about whether or not or not your gadget remains to be supported.
When you have confirmed that your gadget has reached the EOL date, you must both set up a third-party Android distribution that also delivers month-to-month safety patches in your mannequin, or exchange it with a brand new one.
Android followers have been eagerly ready for the discharge of model 12, which was rumored for October 4, 2021, however what they received as a substitute was the source of Android 12 pushed to the Android Open Source Project.
This step signifies that the precise launch is simply across the nook, and OTA improve alerts may hit eligible units, just like the Pixel, very quickly.