News Comments FAQ Related Articles

Google Patches 58 Android Vulnerabilities in February Security Update

3071

android

Google released its second Android patch update of 2017 on Feb. 6, providing users of the mobile operating system with patches for 58 different vulnerabilities, up significantly from the 13 flaws Google fixed in its February 2016 Android update.


In the new February 2017 update, 8 vulnerabilities are rated by Google as critical. Among the critical vulnerabilities is CVE-2017-0405, which is a remote code execution vulnerability in the Android Surfaceflinger graphics library.

" A remote code execution vulnerability in Surfaceflinger could enable an attacker using a specially crafted file to cause memory corruption during media file and data processing," Google warns in its advisory. " This issue is rated as Critical due to the possibility of remote code execution within the context of the Surfaceflinger process. "
The Surfaceflinger issue was reported by researchers Scott Bauer and Daniel Micay of Copperhead Security. Micay in particular is no stranger to reporting Android vulnerabilities and was credited back in October 2015 for reporting a security flaw that was dubbed ' Stagefright 2' at the time. The original Stagefright media server flaw was first disclosed in July 2015 and is the vulnerability that led to Google start its monthly patch process in August 2015.

Tags:
Author: 

Comments ( 0 )

No comments available

Frequently asked questions ( 5 )

Q

what is Remote code execution vulnerability in libgdx?

A

A remote code execution vulnerability in libgdx could enable an attacker using a specially crafted file to execute arbitrary code in the context of an unprivileged process. This issue is rated as High due to the possibility of remote code execution in an application that uses this library.

Q

how to Elevation of privilege vulnerability in Java.Net?

A

An elevation of privilege in the Java.Net library could enable malicious web content to redirect a user to another website without explicit permission. This issue is rated as High because it is a remote bypass of user interaction requirements.

Q

Information disclosure vulnerability in AOSP Mail?

A

An information disclosure vulnerability in AOSP Mail could enable a local malicious application to bypass operating system protections that isolate application data from other applications.

Q

how to get Information disclosure vulnerability in Framework APIs?

A

An information disclosure vulnerability in the Framework APIs could enable a local malicious application to bypass operating system protections that isolate application data from other applications.

Q

what is Denial of service vulnerability in Bionic DNS?

A

A denial of service vulnerability in Bionic DNS could enable a remote attacker to use a specially crafted network packet to cause a device hang or reboot. This issue is rated as High due to the possibility of remote denial of service.

Related Tutorials in Google Patches 58 Android Vulnerabilities in February Security Update

Related Tutorials in Google Patches 58 Android Vulnerabilities in February Security Update

How to install Chrome on Kali Linux
How to install Chrome on Kali Linux
Jul 11, 2017
How to Access google from Linux Terminal
How to Access google from Linux Terminal
Jul 16, 2016
How to install Google Chrome 63 on CentOS 7
How to install Google Chrome 63 on CentOS 7
Mar 22, 2018
How to install Google Chrome in Solus-3
How to install Google Chrome in Solus-3
Feb 26, 2018
How to install Chrome OS theme on Ubuntu
How to install Chrome OS theme on Ubuntu
May 19, 2017
How to Install or Upgrade Google Chrome 63 on Linux Mint 18.3
How to Install or Upgrade Google Chrome 63 on Linux Mint 18.3
Apr 10, 2018
How to Install Google Chrome Latest Version 73-0.3683.103 On Ubuntu 18.10
How to Install Google Chrome Latest Version 73-0.3683.103 On Ubuntu 18.10
May 17, 2019
How to Install Google Chrome in Debian
How to Install Google Chrome in Debian
Nov 15, 2016

Related Forums in Google Patches 58 Android Vulnerabilities in February Security Update

Related Forums in Google Patches 58 Android Vulnerabilities in February Security Update

google chrome
jacob class=
How to fix Chrome (--no-sandbox is not supported) error in centos
Oct 30, 2019
Linux
john class=
shortcut to open incognito browsing for chrome in linux
May 4, 2017
google chrome
sebastian class=
SSL Connection Error
Mar 1, 2021
google chrome
iqbal class=
Error 101 (net:: ERR_CONNECTION_RESET): The Connection was reset
Sep 29, 2021
Browser
stewart class=
How check extentions in Chrome
Nov 2, 2017
google chrome
Aditya class=
It seems There's an issue between your browser and WebGL
Nov 12, 2019

Related News in Google Patches 58 Android Vulnerabilities in February Security Update

Related News in Google Patches 58 Android Vulnerabilities in February Security Update

Uninstall Blacklisted Extensions With Google's Chrome Admin Policy
Uninstall Blacklisted Extensions With Google's Chrome Admin Policy
Apr 11, 2019
5 Best Secure and Private Web Browsers to Look Our For
5 Best Secure and Private Web Browsers to Look Our For
Nov 24, 2018
Chrome extension Trojan tricks victims in an endless malware loop
Chrome extension Trojan tricks victims in an endless malware loop
Apr 29, 2017
Google ditches Symantec over sloppy certs
Google ditches Symantec over sloppy certs
Mar 25, 2017
Google Patches 58 Android Vulnerabilities in February Security Update
Google Patches 58 Android Vulnerabilities in February Security Update
Feb 9, 2017
Chrome 58 is rolling out to Mac, Windows and Linux with improvements to iframe navigation
Chrome 58 is rolling out to Mac, Windows and Linux with improvements to iframe navigation
Apr 20, 2017
Google to tighten restrictions in Chrome on MacOS.
Google to tighten restrictions in Chrome on MacOS.
Mar 3, 2017
SingleFile Used as a Veil in New Phishing Attacks
SingleFile Used as a Veil in New Phishing Attacks
Apr 9, 2019
Back To Top!