Google Patches Android Security Risk, Update Now

The latest fix addresses three critical flaws

by
Rob LeFebvre
Rob LeFebvre
Senior News Editor
Rob LeFebvre has been a freelance technology writer for 10 years and an educator for 20. His articles have appeared in 148Apps, Cult of Mac, Engadget, and many others.
our editorial process
Rob LeFebvre
Published March 5, 2020
Updated March 5, 2020 01:06PM EST

Why This Matters

This isn't a typical security patch, but one that includes several flaws classified as critical. Update your Android device to the latest version immediately.

Android statue in mist
Wikimedia

Make sure you update your Android device to the latest security patch as soon as possible. There are three critical bugs it addresses (and four more less critical ones, as well).

The details: The security flaw that's getting the most attention is known as MediaTek-su by Android developers and CVE-2020-00069 by Google. The bug itself lets attackers gain root access to your Android device without having to unlock the bootloader, reports Sophos' Naked Security blog.

While MediaTek itself says it patched the vulnerability in May 2019, the Android developer group XDA notes there are millions of Android devices in the wild that haven't received the fix from the company, and they may never.

Even more: Other serious bugs in the update include ones in the media framework, which handles camera, audio, and video. These allow remote attackers access to your device's media codecs. Other bugs include vulnerabilities in what's called "privilege elevation," which could allow a user that isn't you higher access in the operating system than they should be allowed.

The Bottom Line: If we've said it once, we've said it a thousand times: keep your devices updated with the latest updates. That includes iOS, Android, Windows, macOS, Linux, and all of your smart home devices. There's no reason not to do it.

Via: Forbes

Become an Expert on Android Security