[TheRecord] Google fixes Android zero-day exploited in the wild in targeted attacks

Google has released on Monday its monthly Android security bulletin, and the company’s engineers said they patched a zero-day vulnerability that was being exploited in the wild in what they described as “limited, targeted exploitation.”

Tracked as CVE-2021-1048, Google said the vulnerability resided in one of the Android kernel components and was abused to elevate an attacker’s privileges.

Details about the attacks, the threat actor(s) behind them, and the victims have not been shared, as is the standard practice for most security patches. This approach is used in order to give end-users more time to update their vulnerable devices before the same bug is weaponized by other threat actors.

CVE-2021-1048 marks the sixth Android zero-day vulnerability that was exploited this year.

Google patched similar zero-days in the January and May Android security bulletins as well.

The previous zero-days didn’t impact the Android OS kernel itself but rather add-on components from Qualcomm and Arm, respectively.

CVE-2021-11261 – Memory management logic error in Qualcomm kgsl graphics driver.CVE-2021-1905 – Use-after-free vulnerability in Qualcomm GPU.CVE-2021-1906 – Improper error handling in Qualcomm GPU.CVE-2021-28663 – Use-after-free vulnerability in Arm’s Mali GPU.CVE-2021-28664 – Writes to read-only memory bug in Arm’s Mali GPU.

While six vulnerabilities were exploited in Android devices before patches were available (hence the zero-day categorization), Apple has had a harder time this year and the company patched 15 zero-days this year that impacted its iOS/iPhone userbase.

The post Google fixes Android zero-day exploited in the wild in targeted attacks appeared first on The Record by Recorded Future.

Source: Read More (The Record by Recorded Future)

You might be interested in …

[BleepingComputer] Microsoft adds Automatic HTTPS in Edge for secure browsing

Microsoft Edge now can automatically switch users to a secure HTTPS connection when visiting websites over HTTP, after enabling Automatic HTTPS. […] Source: Read More (BleepingComputer)

Read More

[BleepingComputer] Ukrainian extradited for selling 2,000 stolen logins per week

The US Department of Justice has indicted a Ukrainian man for using a malware botnet to brute force computer logon credentials and then selling them on a criminal remote access marketplace. […] Source: Read More (BleepingComputer)

Read More

[BleepingComputer] Firefox now autoupdates on Windows even when not running

The Windows version of Firefox can now automatically upgrade itself to the latest version in the background when the browser is not running. […] Source: Read More (BleepingComputer)

Read More