Your new post is loading...
Security updates that Google released this week for Android resolve 43 vulnerabilities, including three that have been exploited in attacks.
The exploited flaws, tracked as CVE-2023-2136, CVE-2023-26083, and CVE-2021-29256, impact Android’s System and Arm Mali components.
The internet giant says “there are indications” that these security defects “may be under limited, targeted exploitation”.
CVE-2023-2136 was disclosed in April as a zero-day vulnerability in the Chrome browser, and is described as an integer overflow issue in Skia.
The bug allows “a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page,” a NIST advisory explains.
Learn more / En savoir plus / Mehr erfahren:
https://www.scoop.it/t/securite-pc-et-internet/?&tag=Android
Security updates that Google released this week for Android resolve 43 vulnerabilities, including three that have been exploited in attacks.
The exploited flaws, tracked as CVE-2023-2136, CVE-2023-26083, and CVE-2021-29256, impact Android’s System and Arm Mali components.
The internet giant says “there are indications” that these security defects “may be under limited, targeted exploitation”.
CVE-2023-2136 was disclosed in April as a zero-day vulnerability in the Chrome browser, and is described as an integer overflow issue in Skia.
The bug allows “a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page,” a NIST advisory explains.
Learn more / En savoir plus / Mehr erfahren:
https://www.scoop.it/t/securite-pc-et-internet/?&tag=Android