Thank you for reading this post, don't forget to subscribe!
Indian Computer Emergency Response Team (CERT-IN) recently issued a warning for Android smartphone users. The government body has reported that it has found several new vulnerabilities in several versions of Google’s Android operating systems. Also, CERT-In has classified these vulnerabilities as ‘high severity and reported that these vulnerabilities can be “exploited by an attacker to gain elevated privileges, execute arbitrary code, gain access to sensitive information and cause a denial of services (DoS) condition on the targeted system”.
For those unaware, CERT-IN is a nodal agency under the Ministry of Electronics and Information Technology. It deals with cybersecurity threats like phishing and hacking.
Who is affected
According to the report, users running Android 10, Android 11, Android 12, Android 12L and Android 13 are affected by these new vulnerabilities.
Why do these vulnerabilities exist in Android operating systems
CERT-In has specified that these vulnerabilities “exist in Google Android due to flaws in Android Runtime, Framework, Media Framework components, System, Google Play system update, Kernel components, Imagination Technologies components, MediaTek components, Unisoc components, Qualcomm components and Qualcomm closed-source components”.
This means that the newly found vulnerabilities in Android affect all the devices irrespective of the chipset they are using. The issues are valid for MediaTek components, Unisoc and Qualcomm components.
The government body has further specified that successful exploitation of these vulnerabilities can grant attackers access to execute arbitrary code, gain access to sensitive information and cause a denial of services (DoS) on the targeted system.
What’s the solution
CERT-In has advised the users to apply appropriate updates when made available by the respective OEM. What this means is users are required to update their smartphones to the latest version of the firmware available for their devices, when available.
Also watch:
For those unaware, CERT-IN is a nodal agency under the Ministry of Electronics and Information Technology. It deals with cybersecurity threats like phishing and hacking.
Who is affected
According to the report, users running Android 10, Android 11, Android 12, Android 12L and Android 13 are affected by these new vulnerabilities.
Why do these vulnerabilities exist in Android operating systems
CERT-In has specified that these vulnerabilities “exist in Google Android due to flaws in Android Runtime, Framework, Media Framework components, System, Google Play system update, Kernel components, Imagination Technologies components, MediaTek components, Unisoc components, Qualcomm components and Qualcomm closed-source components”.
This means that the newly found vulnerabilities in Android affect all the devices irrespective of the chipset they are using. The issues are valid for MediaTek components, Unisoc and Qualcomm components.
The government body has further specified that successful exploitation of these vulnerabilities can grant attackers access to execute arbitrary code, gain access to sensitive information and cause a denial of services (DoS) on the targeted system.
What’s the solution
CERT-In has advised the users to apply appropriate updates when made available by the respective OEM. What this means is users are required to update their smartphones to the latest version of the firmware available for their devices, when available.
Also watch:
Realme 10 pro plus- Worth it under 30k?