Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Mobile & Wireless

37 Vulnerabilities Patched in Android

Android’s June 2024 security update resolves 37 vulnerabilities, including high-severity flaws in Framework and System.

Android security

Google this week started rolling out the June 2024 set of monthly security updates for Android, with patches for 37 vulnerabilities, including multiple high-severity elevation of privilege bugs.

The first part of this month’s security update, which arrives on devices as the 2024-06-01 security patch level, resolves 19 flaws in the Framework and System components.

“The most severe of these issues is a high security vulnerability in the System component that could lead to local escalation of privilege with no additional execution privileges needed,” Google notes in its advisory.

A total of seven security defects were addressed in the System component this month, all leading to elevation of privilege. Of the 12 issues resolved in Framework, ten are elevation of privilege bugs, one leads to information disclosure, and one to denial of service.

The second part of the update arrives on devices as the 2024-06-05 security patch level and addresses an additional 18 vulnerabilities in Kernel, Imagination Technologies, and Arm, MediaTek, and Qualcomm components. Three of the Qualcomm-specific flaws are critical.

Devices running a security patch level of 2024-06-05 contain fixes for all these bugs, as well as for security defects addressed with previous patch levels.

This week, Google also announced patches for three other vulnerabilities in the Framework and System components of Wear OS. The Wear OS update also includes all the fixes delivered with the Android 2024-06-05 security patch level.

The June 2024 Android Automotive OS (AAOS) security bulletin, on the other hand, contains no new AAOS patches, but the AAOS update contains Android’s 2024-06-05 security patch level fixes.

Advertisement. Scroll to continue reading.

No June 2024 security bulletins have been published for Pixel and Pixel Watch devices yet.

Google makes no mention of any of the vulnerabilities addressed with this month’s security updates being exploited in the wild. Users are advised to update their devices as soon as possible.

Related: Android 15 Brings Improved Fraud and Malware Protections

Related: Unwanted Tracking Alerts Rolling Out to iOS, Android

Related: Android Update Patches Critical Vulnerability

Written By

Ionut Arghire is an international correspondent for SecurityWeek.

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join the session as we discuss the challenges and best practices for cybersecurity leaders managing cloud identities.

Register

The AI Risk Summit brings together security and risk management executives, AI researchers, policy makers, software developers and influential business and government stakeholders.

Register

People on the Move

Retired U.S. Army General and former NSA Director Paul M. Nakasone has joined the Board of Directors at OpenAI.

Jill Passalacqua has been appointed Chief Legal Officer at autonomous security solutions provider Horizon3.ai.

Cisco has appointed Sean Duca as CISO and Practice Leader for the APJC region.

More People On The Move

Expert Insights