Google has patched a high-severity security flaw that was being actively used to attack the Android kernel in the field
A high-severity security hole that was actively exploited in the field and affected the Android kernel has been fixed by Google. The vulnerability, identified as CVE-2024-36971, has been characterized as a kernel-impacting instance of remote code execution. “CVE-2024-36971 appears to be vulnerable to limited, deliberate exploitation,” the tech giant stated in its August 2024 monthly Android security advisory. As is customary, the business withheld further information about the type of cyberattacks that took advantage of the vulnerability and did not link the activity to any specific threat actor or group. It’s unclear at this time whether Pixel smartphones are affected by the bug as well.
Nevertheless, the vulnerability was reported by Clement Lecigne of Google’s Threat Analysis Group (TAG), indicating that commercial spyware providers are probably using it to penetrate Android devices in highly focused attacks. A total of 47 vulnerabilities are fixed in the August patch, including those found in parts connected to Qualcomm, MediaTek, Arm, and Imagination Technologies. Twelve privilege escalation bugs, one information disclosure bug, and one denial-of-service (DoS) bug affecting the Android Framework have also been fixed by Google. In June 2024, the search engine business disclosed that restricted and targeted attacks have taken advantage of an elevation of privilege vulnerability in Pixel firmware (CVE-2024-32896).
After that, Google informed us that the problem affects more than just Pixel smartphones and that it is collaborating with OEM partners to implement the necessary solutions. Two security holes in the firmware and bootloader (CVE-2024-29745 and CVE-2024-29748) that were previously exploited by forensic firms to acquire private information were also patched by the manufacturer.The development coincides with the addition of CVE-2018-0824, a remote code execution vulnerability affecting Microsoft COM for Windows, to the list of known exploited vulnerabilities (KEV) by the U.S. Cybersecurity and Infrastructure Security Agency (CISA). This means that federal agencies must implement patches by August 26, 2024. The update comes after Cisco Talos revealed that a Chinese nation-state threat actor known as APT41 has weaponized the vulnerability in a cyberattack.
Also read: Achieving Rapid Outcomes with AI-Driven Cloud Analytics
Do Follow: CIO News LinkedIn Account | CIO News Facebook | CIO News Youtube | CIO News Twitter
About us:
CIO News is the premier platform dedicated to delivering the latest news, updates, and insights from the CIO industry. As a trusted source in the technology and IT sector, we provide a comprehensive resource for executives and professionals seeking to stay informed and ahead of the curve. With a focus on cutting-edge developments and trends, CIO News serves as your go-to destination for staying abreast of the rapidly evolving landscape of technology and IT. Founded in June 2020, CIO News has rapidly evolved with ambitious growth plans to expand globally, targeting markets in the Middle East & Africa, ASEAN, USA, and the UK.
CIO News is a proprietary of Mercadeo Multiventures Pvt Ltd.
