Android’s October 2024 Update Patches 26 Vulnerabilities

2 months ago 15
News Banner

Looking for an Interim or Fractional CTO to support your business?

Read more

Google on Monday announced the roll-out of patches for 26 high-severity vulnerabilities as part of Android’s October 2024 security update.

As usual, the internet giant split the update into two parts, to provide manufacturers with flexibility in addressing issues that impact a broader range of devices.

The first part of the update, which arrives on devices as the 2024-10-01 security patch level, includes fixes for three flaws in the Framework component and four in System.

The bugs, Google notes in its advisory, could be exploited to achieve elevation of privilege, denial-of-service (DoS), or remote code execution.

“The most severe of these issues is a high security vulnerability in the System component that could lead to remote code execution with no additional execution privileges needed,” the advisory reads.

The second part of the update, rolling out as the 2024-10-05 security patch level, resolves 19 vulnerabilities in Imagination Technologies, MediaTek, and Qualcomm graphics, connectivity, and display components.

All devices running a security level of 2024-10-05 or later contain fixes for all these flaws, as well as for the bugs patched with previous Android security updates.

Google makes no mention of any of these vulnerabilities being exploited in the wild, but users are advised to update their devices as soon as possible, as attackers are known to have exploited Android security defects for which patches have been released.

Advertisement. Scroll to continue reading.

The internet giant has not published an advisory detailing this month’s security update for Pixel devices, but noted that no Android Automotive OS and Wear OS security patches were released this month.

However, devices running these platform iterations will be updated to a security patch level of 2024-10-05, which contains all the fixes detailed in the October 2024 Android security bulletin.

Related: Google Sees Drop in Memory Safety Bugs in Android as Code Matures

Related: Android’s September 2024 Update Patches Exploited Vulnerability

Related: Google Launches Strong Encryption for Android Messages

Related: Google Patches Critical Vulnerabilities in Android’s Media Framework

Read Entire Article