9 vulnerabilities rated critical were patched as part of Google’s Android Security Bulletin for April.Critical vulnerabilities ranged from 2 remote code execution vulnerabilities connected to the Android media structure, to a Qualcomm Wi-Fi element flaw that allowed a close-by assaulter to use “a specifically crafted file to carry out arbitrary code within the context of a fortunate procedure.”< a href=https://threatpost.com/google-patches-11-critical-bugs-in-march-android-security-bulletin/130273/ title="Permalink to Google Patches 11 Critical Bugs in March Android Security Publication"rel =bookmark > Google Patches 11 Important Bugs in March Android Security Bulletin< a href=https://threatpost.com/lenovo-warns-critical-wifi-vulnerability-impacts-dozens-of-thinkpad-models/129860/ title="Permalink to Lenovo Cautions Critical WiFi Vulnerability Impacts Dozens of ThinkPad Models"rel=bookmark > Lenovo Alerts Important WiFi Vulnerability Effects Dozens of ThinkPad Designs< a href=https://threatpost.com/google-awards-record-112500-bounty-for-android-exploit-chain/129519/
“rel=bookmark > Google Awards Record $ 112,500 Bounty for Android Exploit Chain Google said firmware updates are offered and will be delivered through over-the-air (OTA) updates to Google Pixel and Nexus gadgets. Updates to other Android gadgets will be sent by means of respective OEM gadget makers and cordless providers, where applicable. For example, Samsung Mobile revealed an upkeep release for its “major flagship designs” that included eight Samsung patches being delivered OTA.In all, Google’s April security update includes 28 fixes; nine ranked vital and 19 rated high. Seven of the critical vulnerabilities were tied to the Android OS straight. Each Qualcomm and Broadcom element maker fixed an important bug.The Android os received the most attention, with Google fixing four remote code execution bugs and one important elevation of benefit bug. “The most serious vulnerability in this area could allow a remote aggressor utilizing a specially crafted file to perform approximate code within the context of a privileged procedure,” Google wrote.Common vulnerabilities and exposures(CVE)information of each of the bugs are not released up until gadget makers have actually covered the impacted systems.Several Qualcomm components were covered as part of the April update, consisting of chipset functions connecting to Wi-Fi, binder, WLAN and audio motorists. A critical RCE Broadcom wireless bug(CVE-2017-13292)was also patched.Google also launched a different April< a href=https://source.android.com/security/bulletin/pixel/2018-04-01 > Pixel/ Nexus Security Publication for its Pixel and Nexus gadgets that include the Pixel, Pixel XL, Pixel 2, Pixel 2 XL, Nexus 5X, andtitle=”Permalink to Google Awards Record $112,500 Bounty for Android Exploit Chain