Indian Computer Emergency Response Team (CERT-IN) recently issued a warning for Android smartphone users. The government body has reported that it has found several new vulnerabilities in several versions of Google’s Android operating systems. Also, CERT-In has classified these vulnerabilities as ‘high severity and reported that these vulnerabilities can be “exploited by an attacker to gain elevated privileges, execute arbitrary code, gain access to sensitive information and cause a denial of services (DoS) condition on the targeted system”.
For those unaware, CERT-IN is a nodal agency under the Ministry of Electronics and Information Technology. It deals with cybersecurity threats like phishing and hacking.
Who is affected
According to the report, users running Android 10, Android 11, Android 12, Android 12L and Android 13 are affected by these new vulnerabilities.
Why do these vulnerabilities exist in Android operating systems
CERT-In has specified that these vulnerabilities “exist in Google Android due to flaws in Android Runtime, Framework, Media Framework components, System, Google Play system update, Kernel components, Imagination Technologies components, MediaTek components, Unisoc components, Qualcomm components and Qualcomm closed-source components”.
This means that the newly found vulnerabilities in Android affect all the devices irrespective of the chipset they are using. The issues are valid for MediaTek components, Unisoc and Qualcomm components.
The government body has further specified that successful exploitation of these vulnerabilities can grant attackers access to execute arbitrary code, gain access to sensitive information and cause a denial of services (DoS) on the targeted system.
What’s the solution
CERT-In has advised the users to apply appropriate updates when made available by the respective OEM. What this means is users are required to update their smartphones to the latest version of the firmware available for their devices, when available.
Also watch:
For those unaware, CERT-IN is a nodal agency under the Ministry of Electronics and Information Technology. It deals with cybersecurity threats like phishing and hacking.
Who is affected
According to the report, users running Android 10, Android 11, Android 12, Android 12L and Android 13 are affected by these new vulnerabilities.
Why do these vulnerabilities exist in Android operating systems
CERT-In has specified that these vulnerabilities “exist in Google Android due to flaws in Android Runtime, Framework, Media Framework components, System, Google Play system update, Kernel components, Imagination Technologies components, MediaTek components, Unisoc components, Qualcomm components and Qualcomm closed-source components”.
This means that the newly found vulnerabilities in Android affect all the devices irrespective of the chipset they are using. The issues are valid for MediaTek components, Unisoc and Qualcomm components.
The government body has further specified that successful exploitation of these vulnerabilities can grant attackers access to execute arbitrary code, gain access to sensitive information and cause a denial of services (DoS) on the targeted system.
What’s the solution
CERT-In has advised the users to apply appropriate updates when made available by the respective OEM. What this means is users are required to update their smartphones to the latest version of the firmware available for their devices, when available.
Also watch:
Realme 10 pro plus- Worth it under 30k?
For all the latest Technology News Click Here
For the latest news and updates, follow us on Google News.
Denial of responsibility! NewsUpdate is an automatic aggregator around the global media. All the content are available free on Internet. We have just arranged it in one platform for educational purpose only. In each content, the hyperlink to the primary source is specified. All trademarks belong to their rightful owners, all materials to their authors. If you are the owner of the content and do not want us to publish your materials on our website, please contact us by email – abuse@newsupdate.uk. The content will be deleted within 24 hours.