Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Malware & Threats

Google Patches Android Zero-Day Exploited in Targeted Attacks

Google on Monday announced the availability of the November 2021 security updates for Android and warned that one of the patched vulnerabilities has been exploited in attacks.

Google on Monday announced the availability of the November 2021 security updates for Android and warned that one of the patched vulnerabilities has been exploited in attacks.

The zero-day vulnerability is tracked as CVE-2021-1048 and Google says there is evidence that the flaw has been exploited in limited, targeted attacks. The internet giant described it as a use-after-free bug in the kernel that can be exploited for local privilege escalation.

No other information has been provided about the attacks exploiting CVE-2021-1048, but the targeted nature of the attacks suggests that they have been carried out by a state-sponsored threat group, likely for espionage purposes.

Based on data provided by Google, this is the sixth Android vulnerability exploited in malicious attacks in 2021.

The November 2021 Android updates patch a total of nearly 40 vulnerabilities, and Google says the most severe of them affects the System component and can allow a remote attacker to execute arbitrary code in the context of a privileged process.

Critical severity ratings have been assigned to vulnerabilities affecting the System, Android TV, and Qualcomm components. High-severity issues — roughly 30 bugs have this severity rating — have been addressed in the Framework, Media Framework, System, Kernel, Android TV, MediaTek and Qualcomm components.

Advertisement. Scroll to continue reading.

Google has published a separate advisory to describe the 10 vulnerabilities patched in its Pixel devices this month.

Related: Google Android Security Update Patches 40 Vulnerabilities

Related: Recently Patched Android Vulnerability Exploited in Attacks

Related: Google: Four Recently Patched Android Vulnerabilities Exploited in Attacks

Written By

Eduard Kovacs (@EduardKovacs) is senior managing editor at SecurityWeek. He worked as a high school IT teacher before starting a career in journalism in 2011. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing for the latest cybersecurity threats, trends, and expert insights.

Click to comment

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join this live webinar as we break down why email-layer defenses alone can't keep pace with the modern phishing ecosystem, how agentic AI is changing the capacity equation for security teams, and more.

Register

This year's summit will help organizations learn how to utilize tools, controls, and design models needed to properly secure cloud environments. Interact with leading solution providers and other end users facing similar challenges in securing a variety of cloud deployments.

Register

People on the Move

BlueVoyant has appointed Ravi Subramanian as CFO and Jamie Coleman as CCO.

Solana Foundation has appointed Michael Coates as Chief Information Security Officer.

Michael Sikorski has joined Coinbase as Chief Information Security Officer.

More People On The Move

Expert Insights

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest cybersecurity news, threats, and expert insights. Unsubscribe at any time.