This week, Google released patches for 40 vulnerabilities as part of the February 2023 security updates for the Android operating system. The first part of the update, with a security patch level of 2023-02-01, resolves 17 high-severity vulnerabilities that could lead to local escalation of privilege with no additional execution privileges needed. Additionally, several information disclosure and denial-of-service bugs were also fixed. The second part of the update, with a security patch level of 2023-02-05, resolves 23 security defects in Kernel, MediaTek, Unisoc, Qualcomm, and Qualcomm closed-source components. Additionally, three vulnerabilities specific to Pixel devices were patched. Google also released one patch as part of this month's Android Automotive OS update. Manufacturers were notified of the addressed issues at least a month before the security bulletins were published, and the source code patches were released to the Android Open Source Project repository. Pixel users can manually grab the latest security fixes, while users of other devices will have to wait for their phone makers to release the necessary updates.
This Cyber News was published on www.securityweek.com. Publication date: Thu, 09 Feb 2023 14:50:02 +0000