Google fixes Android bugs, including lingering Mediaserver flaw

Google addressed 19 security vulnerabilities, seven of them rated critical, in its latest Android security update. 

The updates addressed critical security vulnerabilities in the keyring component, MediaTek Wi-Fi Driver, Conscrypt, the libvpx library, Mediaserver component, and the Qualcomm Performance component. The most severe vulnerability is the remote code execution flaw in Mediaserver that could be exploited through multiple methods, including email, Web browsing, and MMS, when processing maliciously crafted media files.

Mediaserver still vulnerable

Google has patched more than two dozen Mediaserver flaws since August, when the original Stagefright flaw was disclosed. Since then, Google’s internal security team has been identifying and fixing other security vulnerabilities scattered throughout the rest of the Mediaserver and the libstagefright library code.

To read this article in full or to leave a comment, please click here