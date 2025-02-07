Comment: Android users, update ASAP to avoid actively exploited vulnerabilities

February 2025 by Sylvain Cortes, VP Strategy at Hackuity

Google has released its latest security updates for Android, fixing some potentially serious flaws that could be exploited by threat actors. Sylvain Cortes, VP Strategy, Hackuity comments:

“The latest February Android updates from Google patch 48 security flaws, including a high-severity Linux Kernel flaw in its USB Video Class driver.

This particular zero-day flaw - CVE-2024-53104 – could allow “physical escalation of privilege with no additional execution privileges needed”, according to Google, or in other words: gain control of an unpatched device under the right conditions. Google has said the vulnerability may already be exploited in a limited number of cases.

Another major fix addresses CVE-2024-45569, a critical Qualcomm wireless LAN vulnerability with a near-maximum severity score (CVSS 9.8/10). This one could allow remote code execution, memory manipulation, or even device crashes.

With 46 other high-severity bugs also patched in the update, the message is clear: update your Android device ASAP to stay protected.”