July 10, 2017 By Mark Samuels 2 min read

Among the 138 vulnerabilities disclosed in its Android Security Bulletin for July 2017, Google reported a critical flaw in media framework that could enable a remote attacker to execute arbitrary code using a specially crafted file. Google classified the media framework issue as severe based on its potential impact on an infected device.

The good news is that Google has received no reports of active customer exploitation or abuse of these newly reported Android vulnerabilities. Still, the technology giant implored users to accept its updates as soon as possible.

Patching Android Vulnerabilities

The monthly update is split into two partial security patch level strings: The 2017-07-01 security patch level addresses issues in the Android platform, while the 2017-07-05 level resolves device-specific vulnerabilities in components supplied by manufacturers, SecurityWeek reported. The update fixed 27 vulnerabilities in media framework. Ten of these issues were viewed as critical, 15 as high and two as moderate.

The patches also addressed a critical file called Broadpwn, which is a remote code execution vulnerability in the Broadcom Wi-Fi driver. In its advisory note, Google credited security researcher Nitay Artenstein of Exodus Intelligence for his work on the patched Broadcom issue. According to eWEEK, Artenstein will provide more insight into this vulnerability at the Black Hat security conference on July 27.

Mitigating the Risk

Google reported that partners were notified of the issues described in the bulletin at least a month ago. Source code patches for these vulnerabilities have been released to the Android Open Source Project (AOSP) repository. The bulletin also included links to patches outside the AOSP.

The firm issued over-the-air updates and firmware images for the Pixel/Pixel XL, Nexus 5X, Nexus 6, Nexus 6P, Nexus 9, Nexus Player and Pixel C, according to SC Magazine. Additionally, the advisory note included mitigations, which Google said can help reduce the likelihood of a successful exploitation.

Staying on Top of Threats

According to Gartner, 81.7 percent of the smartphones sold in the last quarter of 2016 ran the Android operating system. Google’s monthly update serves as another warning for IT managers to stay on top of their firm’s mobile security patches and policies. Removing malware can be a tricky task, but smart device management can reduce the need for a reactive approach.

More from

Cloud threat report: Why have SaaS platforms on dark web marketplaces decreased?

3 min read - IBM’s X-Force team recently released the latest edition of the Cloud Threat Landscape Report for 2024, providing a comprehensive outlook on the rise of cloud infrastructure adoption and its associated risks.One of the key takeaways of this year’s report was focused on the gradual decrease in Software-as-a-Service (SaaS) platforms being mentioned across dark web marketplaces. While this trend potentially points to more cloud platforms increasing their defensive posture and limiting the number of exploits or compromised credentials that are surfacing,…

Mobile device security: Why protection is critical in the hybrid workforce

4 min read - In our mobile-first/mobile-last world, many employees’ work days both start and end on a mobile device. Mobile devices are now essential tools for productivity and communication. As many organizations transition to hybrid work environments, mobile devices offer a rich target for malicious actors because they are often the least protected corporate devices and offer platforms from which to launch social engineering attacks.Unlike traditional computers, which are generally well-defended with antivirus software and cybersecurity protocols, mobile devices are frequently left vulnerable…

Abusing MLOps platforms to compromise ML models and enterprise data lakes

15 min read - For full details on this research, see the X-Force Red whitepaper “Disrupting the Model: Abusing MLOps Platforms to Compromise ML Models and Enterprise Data Lakes”.Machine learning operations (MLOps) platforms are used by enterprises of all sizes to develop, train, deploy and monitor large language models (LLMs) and other foundation models (FMs), as well as the generative AI (gen AI) applications built on top of these models. The rush to leverage AI throughout enterprises has meant that security has been often…

Topic updates

Get email updates and stay ahead of the latest threats to the security landscape, thought leadership and research.
Subscribe today