Google Fixes Multiple vulnerabilities with Remote Code Execution in Android devices.
Google released Security Patch 2018-10-01 For 26 vulnerabilities in Android including Android Framework, systems and kernel components.
The most high critical vulnerability is Remote Code Execution, patched in the October security update. The vulnerability allow to attacker and execute arbitrary code remotely by using a crafted file.
The severity assessment is based on the effect that exploiting the vulnerability would possibly have on an affected device, assuming the platform and service mitigation are turned off for development purposes or if successfully bypassed, published in Android Security bulletin.
The most severe of these issues is a critical security vulnerability in Framework that could enable a remote attacker using a specially crafted file to execute arbitrary code within the context of a privileged process.
Security fixes for Pixel devices.
- Security fixes and improved performance for certain protected media formats for Pixel 2, Pixel 2 XL devices.
- Fast-charging behavior for Pixel devices Pixel, Pixel XL devices improved.
- Also, improved stability when using Android Auto for Pixel 2, Pixel 2 XL devices.
- Modified Call Screening behavior when using Maps Navigation for all devices.
For Google devices, security patch levels of 2018-10-05 or later address all issues in this bulletin and all issues in the October 2018 Android Security Bulletin.
These updates are included for affected Pixel devices to address functionality issues not related to the security of Pixel devices. The table includes associated references; the affected category, such as Bluetooth or mobile data; improvements; and affected devices.
How To Update Your Android Operating System?
- Open your Android mobile device’s Settings app.
- Near the bottom, tap System and then Advanced and then System update. If you don’t see ‘Advanced’, tap About phone.
- See your ‘Android OS version’ and ‘Security patch level’.