Android customers want to obtain an important security patch that Google has simply launched. The newest May 2022 security update fixes an Android vulnerability that was being actively exploited, with the flaw first found by Google researchers again in January. It’s not clear precisely what menace the vulnerability poses, however it has taken months for Google to rollout a repair to handle this concern.The flaw, which has been labelled CVE-2021-22600, is a Linux kernel vulnerability that menace actors can exploit with native entry.It has been given a 7.8 severity ranking by the National Vulnerability Database (NVD), which suggests it ranks as a ‘excessive’ danger menace.The repair for the harmful Android vulnerability has been rolled as a part of the newest May 2022 security update.In the patch notes for the obtain Google confirmed that “there are indications that CVE-2021-22600 could also be beneath restricted, focused exploitation”.The newest security patch in complete brings with it over two dozen fixes together with measures that handle one vital flaw and 18 excessive danger severity flaws.Among the fixes the brand new update contains is the lengthy-awaited repair for CVE-2022-0847, which is extra generally generally known as the ‘Dirty Pipe’ exploit.This vulnerability, which is among the largest Linux flaws in years, permits an unprivileged person to overwrite information that’s supposed to be learn-solely. Not solely this, however this could additionally lead to further privilege escalation.The repair for the flaw, which was first found in March, has been a very long time coming – with Samsung releasing a patch to handle this menace final month.This uncommon state of affairs means the Galaxy makers beat Google to releasing a repair for the Android flaw by a complete month.Speaking about what points the most recent patch fixes, Google says: “The most extreme of those points is a excessive security vulnerability within the Framework part that might lead to native escalation of privilege with User execution privileges wanted. The severity evaluation relies on the impact that exploiting the vulnerability might have on an affected system, assuming the platform and repair mitigations are turned off for growth functions or if efficiently bypassed.”To be certain your telephone has the most recent model of Android put in, head to the Settings app of your telephone. Then faucet on System adopted by System Update.You will then give you the option to see your update standing. Simply comply with the steps on display screen to be certain your telephone is up-to-date.
https://www.express.co.uk/life-style/science-technology/1606604/Google-releases-urgent-Android-security-update-download-to-stay-safe
Google releases urgent Android security update – Download to stay safe
