Technology

Android Unleashes 2025’s First Security Update: A Fortress Against Vulnerabilities!

- by fooshya - Leave a Comment

This page was generated automatically; to view the article in its original place, you can navigate to the link below:
https://cyberscoop.com/android-security-update-january-2025/
and if you wish to eliminate this article from our website, please reach out to us


Android has launched its initial security update for the year, revealing multiple critical and high-severity flaws affecting a vast array of Android devices.

The advisory points out five critical remote code execution (RCE) vulnerabilities impacting what Android defines as the “system,” which includes the core components and foundational architecture of Android. These vulnerabilities could enable attackers to run code without requiring extra privileges. Devices that receive a security patch level dated January 5, 2025, or subsequent are safeguarded against these vulnerabilities.

The vulnerabilities are detailed as follows:

  • CVE-2024-43096
  • CVE-2024-43770
  • CVE-2024-43771
  • CVE-2024-49747
  • CVE-2024-49748

Samsung, which utilizes Android as the operating system for its devices, released a fix for these vulnerabilities in a December update.

The vulnerabilities were identified by experts at Oppo’s Amber Security Lab. Oppo is a Chinese consumer electronics brand that operates a customized version of the Android OS on its products.

Moreover, the advisory provides insights on vulnerabilities in components from external vendors, including MediaTek and Qualcomm.

A vulnerability in MediaTek’s modem chipset (CVE-2024-20154) could permit data to be written inappropriately due to the absence of checks ensuring it remains within secure boundaries. This issue could potentially allow an individual to control the device remotely by deceiving it into connecting to a counterfeit cell tower.

A specific Qualcomm vulnerability, noted as CVE-2024-21464, arises from an issue in the component of a device that oversees data networks and connections. There is a problem when data is copied without verifying if it fits correctly into the available memory space. This may lead to errors in memory, particularly when there are no active users utilizing the device’s internet functionalities.

Users with Google-issued devices, such as the Google Pixel, or associated Android partners, are urged to apply these patches swiftly and effectively.

You can read the complete advisory here.

Greg Otto

Authored by Greg Otto

Greg Otto serves as Editor-in-Chief of CyberScoop, overseeing all editorial material for the site. He has directed cybersecurity reporting that has garnered multiple awards, including honors from the Society of Professional Journalists and the American Society of Business Publication Editors. Before joining Scoop News Group, Greg was employed by the Washington Business Journal, U.S. News & World Report, and WTOP Radio. He holds a degree in broadcast journalism from Temple University.


This page was generated automatically; to view the article in its original place, you can navigate to the link below:
https://cyberscoop.com/android-security-update-january-2025/
and if you wish to eliminate this article from our website, please reach out to us

Related Posts

Pale Blue: Revolutionizing Space Travel with Aquatic Propulsion Technology

Is Zuckerberg’s Gamble on Trump the Ultimate Win?

The Harmonious Dance: How Gut Microbes Collaborate with Our Bodies to Control Fat Metabolism

About fooshya

View all posts by fooshya →

Leave a Reply

Your email address will not be published. Required fields are marked *