Google July Android Security Bulletin Fixes 3 Critical RCE Bugs (Jul 2, 2019)
As part of the July Android Security Bulletin, Google has released patches to address 12 vulnerabilities all rated as critical and high. In total Google issued patches for 21 vulnerabilities related to Qualcomm components used in Android devices, and other manufactures will continue to push out their own updates during this month. Three of the most dangerous, critical-rated vulnerabilities, registered as CVE-2019-2106, CVE-2019-2107, and CVE-2019-2109, reside in Android’s Media Framework and can be exploited via a custom-created file “to execute arbitrary code within the context of a privileged access.”
Recommendation: It is important that your company has patch-maintenance policies in place, particularly when there are Bring Your Own Device (BYOD) policies in use. Once a vulnerability has been reported on in open sources, threat actors will likely attempt to incorporate the exploitation of the vulnerability into their malicious operations. Patches should be reviewed and applied as soon as possible to prevent potential malicious activity. Google’s Android Security Bulletin for July can be found here: https://source.android.com/security/bulletin/2019-07-01#framework
Indicators of Compromise (IOCs) associated with this story can be viewed by ThreatStream users here to identify potential malicious activity.