The January 2025 Android Safety Bulletin has issued necessary updates concerning vital vulnerabilities that have an effect on Android gadgets.
Customers are urged to make sure their gadgets are up to date to the newest safety patch stage, which as per the bulletin, must be 2025-01-05 or later to mitigate potential dangers.
Overview of Vulnerabilities
The bulletin highlights a sequence of Distant Code Execution (RCE) vulnerabilities inside the Android System part.
These vulnerabilities are deemed vital as a result of potential impression they’ll have on affected gadgets, particularly if the platform’s inherent safety mitigations are bypassed.
The Android safety staff emphasizes that these vulnerabilities may enable attackers to execute dangerous code without having further privileges.
In response to those vulnerabilities, Android companions had been knowledgeable no less than a month earlier than the bulletin’s publication.
Supply code patches for these vulnerabilities are set to be launched within the Android Open Supply Mission (AOSP) repository inside 48 hours. Up to date hyperlinks to the AOSP will probably be supplied as soon as they’re obtainable.
Severity Evaluation
The vulnerabilities listed under are vital and categorized in accordance with their CVE IDs. They’re grouped below the part they have an effect on, offering insights into their severity and the particular AOSP variations they impression.
| CVE ID | Sort | Severity | Up to date AOSP Variations |
| CVE-2024-43096 | RCE | Vital | 12, 12L, 13, 14, 15 |
| CVE-2024-43770 | RCE | Vital | 12, 12L, 13, 14, 15 |
| CVE-2024-43771 | RCE | Vital | 12, 12L, 13, 14, 15 |
| CVE-2024-49747 | RCE | Vital | 12, 12L, 13, 14, 15 |
| CVE-2024-49748 | RCE | Vital | 12, 12L, 13, 14, 15 |
The Android safety platform and Google Play Shield present very important protections that scale back the chance of profitable exploitation of those vulnerabilities.
Customers are suggested to stay vigilant and guarantee their gadgets are up to date recurrently to the newest Android model.
Google Play Shield, which comes enabled by default on gadgets with Google Cell Companies, performs a vital position in safeguarding customers in opposition to probably dangerous purposes and threats.
Staying up to date with the newest safety patches is essential for all Android customers. Common updates not solely shield gadgets from identified vulnerabilities but in addition improve total safety, guaranteeing a safer cell expertise.
ANY.RUN Risk Intelligence Lookup - Extract Thousands and thousands of IOC's for Interactive Malware Evaluation: Strive for Free