Google, Samsung address over 60 security issues in July update

0
26

[ad_1]

For a change, Google rolled out the July security patch to the Pixel Watch lineup before Pixel phones. While both watches have already received the update, it has yet to arrive on phones, including foldables. In the meantime, the company has published the content of the July 2024 security update for Pixels and other Android products. Samsung has also revealed the Galaxy-specific patches it will bundle with the July patch.

Google’s July 2024 Android security update patches 27 vulnerabilities

Every month, Google releases a new security patch for Android devices. It contains fixes for various bugs and security flaws in Android OS components and other partner components in Android OS. Device makers roll out these patches to their eligible products, often adding fixes for vulnerabilities exclusive to their devices. It’s no different this month. Google’s July 2024 ASB (Android Security Bulletin) fixes 27 security issues in Android products.

Among those are four critical vulnerabilities potentially causing severe damage to affected devices if threat experts exploited the flaws. According to Google, the most severe issues patched this month “could lead to local escalation of privilege with no additional execution privileges needed.” The rest are all high-severity vulnerabilities affecting Android versions from 12 to 14, including Android 12L, a special build for foldables and tablets.

As usual, Google has grouped these patches under two different security patch levels: 2024-07-01 and 2024-07-05. Vendors can roll out either patch level to their Android devices. Samsung, the biggest name in the Android smartphone space, always pushes the former build. Its updates also contain dozens of additional security fixes. Called Samsung Vulnerabilities and Exposures (SVE) items, these issues don’t exist on Android products from other brands.

Samsung’s updated security bulletin says the July SMR (Security Maintenance Release) for Galaxy devices contains 33 SVE patches. These include at least two critical vulnerabilities allowing remote attackers to execute arbitrary code with system privilege with the help of user interaction. This month’s security update for Galaxy devices also patches two high-severity Samsung Semiconductor issues. These issues exist on Exynos-powered devices.

These patches will soon reach millions of Android devices

Google, Samsung, and other brands will soon start pushing the July security update to their respective Android products. The exact number of patches will vary by device—not every Galaxy device is vulnerable to all 62 issues discussed above. Watch out for an update on your Android phone, tablet, or Wear OS smartwatch in the coming days. Most devices allow you to manually check for updates from the Settings app.

[ad_2]

Source link