The Android system is usually vulnerable to multiple attacks from cyber criminals worldwide. This is exactly why Google (Android) as well as OEMs usually release security updates for smartphones. Recently, two Android updates were released and this a “must download” for Android users. According to Google, these updates take care of what it describes as “critical security vulnerability”. Google announced the release of these updates in its new security bulletin. The two Android security patches started rolling out 2020-07-01 and 2020-07-05. These updates also solve difficult security vulnerabilities.
According to the bulletin, one of the updates takes care of vulnerabilities in Android and Google services. However, the other handles the repair of Broadcom, MediaTek, and Qualcomm components. Google says that this update repairs quite serious vulnerabilities. It hopes that smartphone manufacturers will also release this update for their smartphones. Nevertheless, if you are lucky to have gotten this update, please install it immediately. Google’s statement on the update partly reads
“The most severe of these issues is a critical security vulnerability in the System component. This vulnerability could enable a remote attacker using a specially crafted file to execute arbitrary code within the context of a privileged process. The severity assessment is based on the effect that exploiting the vulnerability would possibly have on an affected device, assuming the platform and service mitigations are turned off for development purposes or if successfully bypassed”.
Google OTA files are available in the source link
One of the vulnerabilities allows local malicious applications to bypass user interaction requirements to obtain additional permissions. This means that users don’t need to determine access permissions, and malicious apps can access your phone in depth. This is probably the most serious vulnerability in the announcement. However, as long as you fix it by installing the update if available, you don’t have to worry about it. Another media framework vulnerability allows remote attackers to use a specific file to execute arbitrary code in a privileged process.
If you are looking for OTA files for your Pixel devices to fix these vulnerabilities immediately, you can fix them through the Android source link. Among the component fixes, Qualcomm components is the most affected. If you are using pure Android, you should be getting this update about now. However, other systems may take some time before they release the update for users. Thus, if your device does not have this update, please be patient. It will probably arrive in the coming weeks if your OEM deems it as important.