Table of content

Google has released security patches for Android devices running OS versions 10, 11, and 12 in June 2022, which address 41 vulnerabilities, five of which are considered critical.

The security update is split into two parts, with the first one arriving on June 1 and the second coming on June 5. The first comprises Android system and framework components updates, while the second contains the kernel and third-party vendor closed source component updates.

CVE-2022-20210, a remote code execution issue that threat actors can exploit without meeting stringent requirements, stands out among the five severe vulnerabilities this month.

Remote code execution issues are hazardous since they can lead to data leakage, high-level system compromise, and device takeover.

CVE-2022-20140 and CVE-2022-20145, both critical-severity escalation of privilege problems, are two other vital patches that arrived at the initial level.

Malware that has infiltrated a device via a low-privilege pathway, such as installing an innocuous program, generally exploits these vulnerabilities to increase their execution or access authorization as needed for nefarious purposes.

CVE-2022-20130, which affects the Media Codecs component, is the fourth critical flaw addressed by the “June 1, 2022” patch version.

The fifth critical flaw remedy is only available through the “June 5, 2022” patch level since it only affects Unisoc chips.

This vulnerability, dubbed CVE-2022-20210, was found earlier this month by Check Point researchers, who determined that a faulty packet could be used to disable the device’s radio connectivity.

Unisoc makes up roughly 11% of the Android Market and is primarily found in low-cost or rugged devices utilized by the military and others.

Even if none of the following vulnerabilities are currently recognized as actively exploited, it is critical to apply the applicable update as soon as it becomes available for your device.

It’s worth noting that Samsung beat Google by a day this month, releasing the June patch, which includes all of the updates mentioned above, yesterday.

That’s correct. Suppose your smartphone is no longer maintained by the manufacturer and no longer receives security updates. In that case, you should install a third-party Android distribution that includes the most recent patches and security features for older devices.

For our team’s latest technological insights and news, visit- News insights and technology updates

News source: Bleepingcomputer