Google’s April Android Security Bulletin Warns of 9 Critical Bugs
(Apr 3, 2018)
Google has issued its April Security Bulletin in which 29 vulnerabilities were addressed. Overall, nine of the vulnerabilities were rated as critical, and 19 were rated as high. Google issued updates for four Remote Code Execution (RCE) vulnerabilities and one privilege escalation vulnerability.
Recommendation: Users and administrators should view Google’s Security Bulletin page, located here “https://source.android.com/security/bulletin/,” and apply the necessary updates as soon as possible. The remote code execution vulnerabilities pose a significant risk because they can be exploited by a remote threat actor in combination with privilege escalation vulnerabilities to gain full control of an affected device.
Indicators of Compromise (IOCs) associated with this story can be viewed by ThreatStream users here to identify potential malicious activity.