Mobile Threat Blog

  • Mobile
    Security Insights
  • Mobile
    Threat Research
  • Mobile
    Security Tips

On March 7, 2017 Google released an Android Security Bulletin containing details of security vulnerabilities affecting Android devices. Android security updates normally include two parts: general updates that affects most users and the updates affecting specific partners, such as hardware partners like NVIDIA, Broadcom and Qualcomm. Here we’ve summarized the general security updates on the Android Security bulletin from Security Patch level 2017-03-01.

  • 13 Remote Code Execution Vulnerabilities: These types of vulnerabilities allow attackers to execute arbitrary codes on user devices. Ten of the discovered vulnerabilities are considered critical, since they cause memory corruptions in privileged processes, while the other three are considered high severity, since they cause arbitrary code execution in unprivileged processes. The vulnerabilities are found in OpenSSL & BoringSSL, Mediaserver, AOSP Messaging, libgdx and Framesequence library.
  • 11 Denial of Service Vulnerabilities: These types of vulnerabilities disable users ability to use the phone or access certain services. Seven of them are considered high impact, three are medium impact and one is low impact. The vulnerabilities are found in Mediaserver, Setup Witzard and Audio Server.
  • 8 Privilege Escalation Vulnerabilities: This type of vulnerability allows unprivileged processes, such as from third-party apps, to escalate privileges to the system-level bypassing the sandbox restrictions. One is considered as critical impact, three are rated as high impact, while the remaining four are rated as medium impact. These vulnerabilities are found in recovery verifier, NFC, audio server, Location Manager, Wi-Fi, Package Manager and System UI.
  • 2 Information Disclosure Vulnerabilities: These vulnerabilities allow malicious apps to access user data. They are rated as medium impact. The vulnerabilities are found in AOSP Messaging and Media Server.

Since the number of remote code execution and privilege escalation vulnerabilities are higher than they were last month, Appthority urges users to update their Android devices to the latest OS version which includes these security updates. We also recommend enterprise IT admins set strong policies against keeping outdated OS versions on their employee’s mobile devices.