Quick Hits

Android Serves Up a Slew of Security Updates, 4 Critical

Out of more than 80 flaws fixed this month, the most critical was a system component bug that could allow RCE over Bluetooth.

Android's Framework, Kernel, and Google Play were among components that received security updates this month, but the most severe was a critical bug in the System component that, if exploited, could allow remote code execution (RCE) over Bluetooth, without any escalation privileges required. 

In addition to the System vulnerability, tracked under CVE-2022-20411, there are three additional critical flaws addressed by Android this month, including an ID bug in the System component (CVE-2022-20498) and two critical RCE bugs in the Framework component (CVE-2022, 20472 and CVE-2022-20473). 

In total, the Android security update addressed more than 80 vulnerabilities. 

Editors' Choice
Jai Vijayan, Contributing Writer, Dark Reading
Kelly Jackson Higgins 2, Editor-in-Chief, Dark Reading