web analytics
Home » Technology » Android » Google Fixes RCE Vulnerability With June Android Patch

Google Fixes RCE Vulnerability With June Android Patch

Google has launched the regular June update for Android. According to the Android Security Bulletin for June 2022 Google is addressing a number of security vulnerabilities – and the first partners have already released their patches. The security update addresses all Android versions. Android 10, 11, and 12 were first deployed on Google Pixel.

But the first Google partners have already responded to the critical vulnerabilities and released new patches. With the update, Google fixes some security vulnerabilities, some of which are classified as critical, which according to current information could be used to allow remote attackers to execute arbitrary code on devices (RCE vulnerability). Vulnerabilities to remote code execution are particularly serious because they can lead to information disclosure, high-level system compromise, and outright takeover of the device.

The update also includes some fixes for vulnerabilities in the Media Framework and in the Android kernel. The security patch also fixes faulty components of MediaTek, Unisoc, and Qualcomm.

Security patch level strings

  • Version 2022-06-01 includes the so-called partial security patch level suite, which contains four critical vulnerabilities and 18 vulnerabilities classified as high.
  • In version 2022-06-05, the complete Security Patch Level String, further security gaps are addressed.

Automatic updates began

All Android users will receive the security update marked version 2022-06-01 or 202-06-05. Pixel whips get patch level 2022-06-05. According to Google, the Android partners were informed of all patch-level issues prior to the release of the update. Google has already started the update for its own Pixel devices, which must be delivered within 48 hours.

BSI warns about vulnerabilities

The Federal Office for Information Security (BSI) is already warning against exploiting the security loopholes. The BürgerCERT, therefore, recommends installing the manufacturer’s security updates immediately to close the vulnerabilities.