Why October security patch is crucial for Android users?

Google has started releasing October security patches for Android OS and users are advised to install the update immediately. As per an advisory by the Indian Computer Emergency Response Team (CERT-In), multiple vulnerabilities exist in Android OS that could be exploited by an attacker to gain elevated privileges, access sensitive information and cause denial of service conditions on the targeted phone. Therefore, impacted Android users must update their devices as soon as they receive the October security patch.

The CERT-In advisory is dated October 6, 2022.

On October 3, 2022, Google published its Android security bulletin where it details security vulnerabilities affecting Android devices. Updated two days later on October 5, it says that security patch levels of 2022-10-05 or later address all of these issues. Devices with Android 10 and later may receive security updates as well as Google Play system updates, it further adds.

Which Android OS versions are affected?

The nodal cyber agency’s advisory comes with a high severity rating. According to it, five Android versions are impacted by this vulnerability. These are Android v10, Android v11, Android v12, Android v12L and Android v13.

The agency says that these vulnerabilities exist in Android operating system due to flaws in Framework, Media Framework, System, Kernel, Kernel components, Imagination technologies components, Medialek components, UNISOC components, Qualcomm components and Qualcomm closed-source components.

In another news, with 303 vulnerabilities and a cumulative total of 3,159 vulnerabilities as of 2022, Google Chrome has become the most vulnerable browser available. As per a new report by Atlas VPN, these figures are based on data from the VulDB vulnerability database, covering January 1, 2022 to October 5, 2022. As per the report, Google Chrome is the only browser with new vulnerabilities in the five days in October. Recent ones are CVE-202203318, CVE-2022-3314, CVE-2022-3311, CVE-2022-3309 and CVE-2022-3307. The CVE programme tracks security flaws and vulnerabilities across multiple platforms. The database does not list details for these flaws, but the report said they can lead to memory corruption on a computer.

Catch all the Technology News and Updates on Live Mint.
Download The Mint News App to get Daily Market Updates & Live Business News.

More
Less

Subscribe to Mint Newsletters

* Enter a valid email

* Thank you for subscribing to our newsletter.

For all the latest Technology News Click Here 

 For the latest news and updates, follow us on Google News

Read original article here

Denial of responsibility! TheDailyCheck is an automatic aggregator around the global media. All the content are available free on Internet. We have just arranged it in one platform for educational purpose only. In each content, the hyperlink to the primary source is specified. All trademarks belong to their rightful owners, all materials to their authors. If you are the owner of the content and do not want us to publish your materials on our website, please contact us by email – [email protected] The content will be deleted within 24 hours.