IT Pro is supported by its audience. When you purchase through links on our site, we may earn an affiliate commission. Learn more

Google patches critical Android 12 security flaws

The vulnerability could allow hackers to escalate privileges remotely without user intervention

The Android logo displayed on a smartphone, which is being held in front of a Google sign

Google has resolved a critical security flaw in Android 12 with its February 2022 Android security update.

The vulnerability, code-named CVE-2021-39675, affected the System component and could allow hackers to gain admin privileges remotely.

Google's Android Security Bulletin also addresses a second critical vulnerability, CVE-2021-30317, which affects a closed-source component built by Qualcomm and was active on all Android devices fitted with the hardware.

Related Resource

Vulnerability and patch management

Keep known vulnerabilities out of your IT infrastructure

Whitepaper cover with dark red smoke-like graphic on black backgroundFree Download

Thus far, there have been no reports of active exploitation of either of the now-patched vulnerabilities.

Aside from CVE-2021-39675 and CVE-2021-30317 vulnerabilities, Google issued fixes for five high-severity flaws in Framework, four high-severity bugs in Media Framework, seven high-severity to critical flaws in System, two vulnerabilities of unknown severity in Media Provider, one high-severity flaw in Amlogic components, five high-severity bugs in MediaTek components, three high-severity flaws in Unisoc components, and six high to critical severity vulnerabilities in Qualcomm components.

“The severity assessment of bugs is based on the effect that exploiting the vulnerability would possibly have on an affected device, assuming the platform and service mitigations are turned off for development purposes or if successfully bypassed,” explained Google.

However, the search giant noted that the severity of vulnerabilities affecting Amlogic, MediaTek, Unisoc, and Qualcomm components are determined by the source vendor.

Google Play system updates and security updates are available for Android devices running Android 10 and later.

Featured Resources

Accelerating AI modernisation with data infrastructure

Generate business value from your AI initiatives

Free Download

Recommendations for managing AI risks

Integrate your external AI tool findings into your broader security programs

Free Download

Modernise your legacy databases in the cloud

An introduction to cloud databases

Free Download

Powering through to innovation

IT agility drive digital transformation

Free Download

Recommended

Senate report slams agencies for poor cyber security
cyber security

Senate report slams agencies for poor cyber security

3 Aug 2021
Most employees put their workplace at risk by taking cyber security shortcuts
cyber security

Most employees put their workplace at risk by taking cyber security shortcuts

27 Jul 2021
61% of organizations say improving security a top priority for 2021
cyber security

61% of organizations say improving security a top priority for 2021

29 Jun 2021

Most Popular

Salaries for the least popular programming languages surge as much as 44%
Development

Salaries for the least popular programming languages surge as much as 44%

23 Jun 2022
The top programming languages you need to learn for 2022
Careers & training

The top programming languages you need to learn for 2022

23 Jun 2022
Swift exit: How the world cut off Russian banks
finance

Swift exit: How the world cut off Russian banks

24 Jun 2022