- USDT(TRC-20)
- $0.0
It's Android security patch time again, and in the Android Security Bulletin for February 2025, Google has addressed 47 different bugs affecting its mobile operating system—one of which "may be under limited, targeted exploitation." In other words, hackers may already be taking advantage of it in the wild.
As usual, the patches here cover all kinds of different issues, from attacks that could take advantage of the AutoFill function on Android, to exploits in Qualcomm chips that could create corruptions in the memory on a device. Each bug is ranked in terms of its severity, and linked to a particular part of the system.
Google doesn't offer too much detail about potential hacks in the interests of security, but the vulnerability that may have already been exploited is labeled CVE-2024-53104. As per The Hacker News, it relates to "privilege escalation" that could be triggered through an externally attached USB video device.
That means malicious code could trick Android into giving it VIP access to the system, and to settings and data access that are normally closed off from third-party apps. It would need some clever manipulation of video frame data to work, and it's reportedly been present in the Linux kernel since 2008.
According to GrapheneOS, one way the security hole could be taken advantage of is to pull data off a phone or tablet without permission—though physical access to the device would be required. There are no public details of how this might have been actively exploited, or by whom, but this latest update will fix the problem.
Check for security updates for your Android phone. Credit: Lifehacker
As well as issuing updates for its own Pixel phones and applying patches to the core Android Open Source Project (AOSP) code that all Android manufacturers use, Google also gives the likes of Samsung, Motorola, and OnePlus at least a month's advance warning that these fixes are coming, so Android phone makers should be prepared.
Security patches are usually pushed out fairly rapidly for obvious reasons, and in most cases all you need to do is sit and wait for an alert that an update is ready for your phone or tablet. These updates work in tandem with the real time security protection offered by Google Play Protect.
If you're on a Pixel phone, you can check for updates by heading to Settings then tapping System > Software update > System update. Whether or not an update is available, you can see the version of Android you're on and when the last update was applied.
Samsung Galaxy phones work along similar lines: Again, you'll find a Software update entry in Settings, and you can choose Download and install if there are any updates in the pipeline. Android devices from other manufacturers will offer a similar option.
Google has actually split this security update into two, so its Android partners can address the most critical bugs more quickly before moving on to the second batch—so you may find you've got a couple of updates coming your way. "Android partners are encouraged to fix all issues in this bulletin and use the latest security patch level," says Google.
Full story here:
As usual, the patches here cover all kinds of different issues, from attacks that could take advantage of the AutoFill function on Android, to exploits in Qualcomm chips that could create corruptions in the memory on a device. Each bug is ranked in terms of its severity, and linked to a particular part of the system.
Google doesn't offer too much detail about potential hacks in the interests of security, but the vulnerability that may have already been exploited is labeled CVE-2024-53104. As per The Hacker News, it relates to "privilege escalation" that could be triggered through an externally attached USB video device.
That means malicious code could trick Android into giving it VIP access to the system, and to settings and data access that are normally closed off from third-party apps. It would need some clever manipulation of video frame data to work, and it's reportedly been present in the Linux kernel since 2008.
According to GrapheneOS, one way the security hole could be taken advantage of is to pull data off a phone or tablet without permission—though physical access to the device would be required. There are no public details of how this might have been actively exploited, or by whom, but this latest update will fix the problem.
What Android users need to do
Check for security updates for your Android phone. Credit: Lifehacker
As well as issuing updates for its own Pixel phones and applying patches to the core Android Open Source Project (AOSP) code that all Android manufacturers use, Google also gives the likes of Samsung, Motorola, and OnePlus at least a month's advance warning that these fixes are coming, so Android phone makers should be prepared.
Security patches are usually pushed out fairly rapidly for obvious reasons, and in most cases all you need to do is sit and wait for an alert that an update is ready for your phone or tablet. These updates work in tandem with the real time security protection offered by Google Play Protect.
If you're on a Pixel phone, you can check for updates by heading to Settings then tapping System > Software update > System update. Whether or not an update is available, you can see the version of Android you're on and when the last update was applied.
Samsung Galaxy phones work along similar lines: Again, you'll find a Software update entry in Settings, and you can choose Download and install if there are any updates in the pipeline. Android devices from other manufacturers will offer a similar option.
Google has actually split this security update into two, so its Android partners can address the most critical bugs more quickly before moving on to the second batch—so you may find you've got a couple of updates coming your way. "Android partners are encouraged to fix all issues in this bulletin and use the latest security patch level," says Google.
Full story here:
![[DK]](/data/avatars/s/57/57999.jpg?1720990206){kind=avatar}
