Google fixes dangerous rooting vulnerabilities in Android
Google has fixed a new batch of vulnerabilities in Android that could allow hackers to take over devices remotely or through malicious applications.
The company released over-the-air firmware updates for its Nexus devices Monday and will publish the patches to the Android Open Source Project (AOSP) repository by Wednesday. Manufacturers that are Google partners received the fixes in advance on Dec. 7, and will release updates according to their own schedules.
The new patches address six critical, two high and five moderate vulnerabilities. The most serious flaw is located in the mediaserver Android component, a core part of the operating system that handles media playback and corresponding file metadata parsing.