Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Vulnerabilities

Android’s First Security Updates for 2023 Patch 60 Vulnerabilities

Google announced on Tuesday the first Android security updates for 2023, which patch a total of 60 vulnerabilities.

The first part of the update, which arrives on devices as the 2023-01-01 security patch level, addresses 19 security defects in the Framework and System components.

Google announced on Tuesday the first Android security updates for 2023, which patch a total of 60 vulnerabilities.

The first part of the update, which arrives on devices as the 2023-01-01 security patch level, addresses 19 security defects in the Framework and System components.

“The most severe of these issues is a high security vulnerability in the Framework component that could lead to local escalation of privilege with no additional execution privileges needed,” Google notes in its advisory.

A total of 11 elevation of privilege bugs were resolved in the Framework component this month, along with three denial-of-service (DoS) issues. Five other elevation of privilege vulnerabilities were addressed in the System component.

The second part of this month’s security update, which arrives on devices as the 2023-01-05 security patch level, addresses 41 vulnerabilities in Kernel and third-party components.

The most important of these vulnerabilities are four critical-severity flaws in Kernel and Kernel components, all leading to remote code execution (RCE). Two high-severity elevation of privilege bugs were also addressed in Kernel and Kernel components.

The 2023-01-05 security patch level also fixes vulnerabilities in Kernel LTS (1 bug), Imagination Technologies components (1), MediaTek components (3), Unisoc components (13), Qualcomm components (2), and Qualcomm closed-source components (15).

A security patch level of 2023-01-05 addresses all issues resolved with this and previous Android security updates.

Advertisement. Scroll to continue reading.

This month, Google resolved eight additional vulnerabilities in Pixel devices, including three high-severity Pixel flaws and five medium-severity issues in Qualcomm components.

Google also announced patches for eight vulnerabilities as part of the January 2023 security updates for Android Automotive, including three mandatory issues in the Media Framework and Platform Apps components, and five optional bugs in Platform Apps, System UI, and Kernel components.

Related: Over 75 Vulnerabilities Patched in Android With December 2022 Security Updates

Related: Google Patches High-Severity Privilege Escalation Vulnerabilities in Android

Related: Android Security Updates Patch Critical Vulnerabilities

Written By

Ionut Arghire is an international correspondent for SecurityWeek.

Click to comment

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join SecurityWeek and Hitachi Vantara for this this webinar to gain valuable insights and actionable steps to enhance your organization's data security and resilience.

Register

Event: ICS Cybersecurity Conference

The leading industrial cybersecurity conference for Operations, Control Systems and IT/OT Security professionals to connect on SCADA, DCS PLC and field controller cybersecurity.

Register

People on the Move

Jared Bartel has been named CISO at Idaho State University.

Automated phishing protection and scam prevention company Bolster has appointed Rod Schultz as CEO.

Bugcrowd has appointed Trey Ford as CISO for the Americas.

More People On The Move

Expert Insights

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest cybersecurity news, threats, and expert insights. Unsubscribe at any time.