我爱技术网

您现在的位置是:首页 > 互联网 > 正文

互联网

Google patches multiple Android high-risk vulnerabilities

整理砖家2019-04-03互联网4570
GooglereleasedasecuritybulletinonApril1tofixanumberofhigh-riskvulnerabilitiesinAndro

Google released a security bulletin on April 1 to fix a number of high-risk vulnerabilities in Android.

 Google patches multiple Android high-risk vulnerabilities 百度资讯 综合其他问题 搜索热点问题 网络新鲜事 互联网 第1张

Major Android vendors, including Samsung, Pixel and LG, have received notifications at least a month before the announcement. Within 48 hours after the announcement, Google will also release the source code of the security patch to the Android Open Source Project (AOSP) repository.

Among them, the highest level of risk is a serious security vulnerability in the media framework (media framwork), which allows an attacker to transfer the changed file to remotely execute arbitrary code with permissions. Both CVE-2019-2027 and CVE-2019-2028 are included in this media framework.

 Google patches multiple Android high-risk vulnerabilities 百度资讯 综合其他问题 搜索热点问题 网络新鲜事 互联网 第2张

Some of the vulnerabilities in the Android framework where CVE-2019-2026 is located allow local attackers to gain additional privileges through user interaction. The remaining items are in the running system, where a critical vulnerability could allow a local malicious application to gain access to arbitrary code.

 Google patches multiple Android high-risk vulnerabilities 百度资讯 综合其他问题 搜索热点问题 网络新鲜事 互联网 第3张

Currently, the security patch level of 2019-04-01 or later has resolved the issue. Google is expected to release a second wave of security patches on April 5th to resolve any issues related to it. Users can check and update the Android version to check the security patch level of the device.


推荐阅读:

如何与支付宝的9亿红包活动组成团队如何加入团队

服务器该多久备份一次,用什么方式方法备份服务器最安全

Mozilla取消Firefox 64.0 Stable for Android版更新,将在64.0.1发布