All four of these vulnerabilities allow threat actors to execute malicious code to take complete control of an Android device. The reason this latest alert is so important for Android users to take heed of is such exploits are a rarity. As reported by Threatpost, since 2014, there have only been six Android bugs to be exploited in the wild.
This means the four vulnerabilities announced this week make up two-thirds of all zero-day threats that Android users have faced since 2014. Yikes.
Maddie Stone, the security researcher with Google’s Project Zero, also added on Twitter: “Android has updated the May security with notes that 4 vulns were exploited in the wild”. All four of these vulnerabilities could allow hackers to take complete control of an Android device, with all of them affecting GPU firmware code. Two can affect the ARM Mali GPU driver, while the other two impact the Qualcomm Snapdragon CPU graphics component.
Peleg added: “From elevating privileges beyond what is available by default to executing code outside of the current process’s existing sandbox, the device would be fully compromised, and no data would be safe.”
Android phones that use ARM- or Qualcomm-branded GPUs are the only ones affected by the vulnerability. It’s unclear exactly how attackers would take advantage of such a flaw. After all, Google keeps quiet about exactly
But what is for certain is that Android users should make sure they download the May 2021 security update, which addresses these vulnerabilities, as soon as it becomes available to them.
This post originally appeared on Daily Express :: Tech Feed