news

한어Русский языкEnglishFrançaisIndonesianSanskrit日本語DeutschPortuguêsΕλληνικάespañolItalianoSuomalainenLatina

it home reported on september 5 that technology media bleepingcomputer reported yesterday (september 4) that google released the september 2024 android security update, which fixed a total of 34 vulnerabilities, among which the cve-2024-32896 vulnerability is the focus of attention.

cve-2024-32896 overview

there has been relevant evidence that hackers have exploited this vulnerability to attack android phones such as pixel. it is a privilege escalation vulnerability that google fixed on pixel devices in june this year.

it home note: this high-severity vulnerability is related to a logical error in the code, which can allow attackers to bypass certain protection measures of the android system and elevate their own permissions without requiring additional permissions.

the u.s. cybersecurity and infrastructure security agency (cisa) issued warnings in june and august, respectively, and listed the vulnerability in the known vulnerabilities and exploits (kev) catalog. due to the severity and potential harm of the vulnerability, the government requires federal government employees to complete system updates within 21 days.

google extends this update

the vulnerability was fixed for pixel devices in june 2024 and is marked as being actively exploited in limited, targeted attacks (including by forensics firms) to prevent automated removal tools like wasted and sentry from triggering when examining the device.

the security update released by google in september now fixes cve-2024-32896 for devices running android 12, 12l, 13, and 14.

other vulnerabilities in september security update

with the exception of two vulnerabilities in qualcomm's closed components, specifically the wlan subcomponent, tracked as cve-2024-33042 and cve-2024-33052, the other fixes released this month all involve high-severity issues.

given that the android security patch released by google in september 2024 addresses a vulnerability that is being exploited, all android users are advised to apply the update as soon as possible.