Cloud Hosting

Google recently patched security vulnerabilities in its latest May 2020 Android security patch. The update was posted on the Android security bulletin published earlier this week. One of the vulnerabilities patched by Google that existed in its Android OS could allow hackers to take control of a users device and make changes with complete system level privileges.

SEE ALSO: Hackers Attack Android Substitute LineageOS Servers Through Unpatched Vulnerability

As per the Center for Internet Security (CIS), a total of 39 vulnerabilities were identified in the Googles Android operating system where one of the vulnerabilities, CVE-2020-0103, could enable Remote code execution. Android OS builds utilizing Security Patch Levels issued prior to May 5, 2020 are affected by the vulnerability. The most severe of these issues is a critical security vulnerability in the System component that could enable a remote attacker using a specially crafted transmission to execute arbitrary code within the context of a privileged process, states the May 2020 security bulletin. It notes that security patch levels of 2020-05-05 or later now address all of these issues.

In case you arent aware of what a remote code execution (RCE) is, it refers to an attackers ability to execute malicious code and gain full access to the target device with complete privileges of the user whos running the application. Depending on the privileges associated with this application, an attacker could then install programs; view, change, or delete data; or create new accounts with full user rights, states CIS.

If this application has been configured to have fewer user rights on the system, exploitation of the most severe of these vulnerabilities could have less impact than if it was configured with administrative rights.

According to recommendations made by CIS, appropriate updates should be applied by Google Android or mobile carriers to vulnerable systems and users should be reminded to only download applications from trusted vendors in the Play Store. Users should not visit un-trusted websites or follow links provided by unknown sources.

SEE ALSO: Google Has Issued A Security Warning For Its Google Chrome Users

Read the original here:
Google Releases May 2020 Android Security Patch; Fixes Bug That Allowed Remote Code Execution - Mashable India