Google this week announced that users should update their Android smartphones as soon as possible due to multiple vulnerabilities that can lead to “remote code execution.”
Further, it warned that “user interaction is not needed for exploitation” and that “the severity assessment is based on the effect that exploiting the vulnerability would possibly have on an affected device, assuming the platform and service mitigations are turned off for development purposes or if successfully bypassed.”
The vulnerabilities currently impact Android systems that are using versions 11, 12, 12L, and 13, Google’s bulletin said.
Users can find their Android phone’s version number, security update level, and Google Play level in the Settings app. Generally, Android pushes automatic updates to users, but users can also check for updates manually.
“For most phones it works like this: Under About phone or About device you can tap on Software updates to check if there are new updates available for your device, although there may be slight differences based on the brand, type, and Android version of your device,” according to MalwareBytes.
Two major vulnerabilities flagged by Google were labeled CVE-2023-21085 and CVE-2023-21096. Both CVE-2023-21085 and CVE-2023-21096 involve a vulnerability in the Android System component that can allow a remote attacker to execute code by tricking the victim into opening a file, MalwareBytes said.
One vulnerability, CVE-2022-38181, that was also patched and rated as high, is currently being exploited in the wild, said MalwareBytes. It “allows unprivileged users to access freed memory because GPU memory operations are mishandled. This use-after-free (UAF) vulnerability allows a local application to escalate privileges on the system. A local application can trigger memory corruption and execute arbitrary code with elevated privileges.”
“This vulnerability is known to be exploited in targeted attacks and was first spotted in November 2022,” the firm said.