Sep 24, 2018 | Updated: 07:21 PM EDT

Android Security Patch Update Fixes More Than 100 Vulnerabilities In Media Server And Hardware Drivers

May 05, 2017 09:20 PM EDT

Close

Android is ever improving, and the mobile OS recently got an android security update patch for more than a hundred vulnerabilities. Among these security flaws, were 29 critical flaws in the media processing server. There were also flaws in drivers related to hardware and a number of other components.

Android recently released the details in its Android Security Bulletin, explaining all the vulnerabilities and android security update patch details, the latter of which was divided into two separate levels. The 2017-05-01 security patch level configures an android phone to resist all common vulnerabilities across all devices.

The 2017-05-05 patch covers a number of other fixes like hardware drivers and kernel space, which is different in different devices. The patch fixes a number of Mediaserver problems, which were very common to patch updates. The media server has been constantly fine-tuned over the years and with this patch, six vulnerabilities were fixed.

Previous to the patch, the media server was exposed to malicious file downloads which might have tricked users into completely compromising their data. Moreover, even if the user did not open those files, media server would have processed it nevertheless.

According to PCWorld, Google has disabled the automatic display of MMS in Hangouts and default text messaging app as exploiters can get a back door to the media server and thereby get a hand on the user data. However, if the phone has a third party texting app, Google might not be able to prevent the misuse of the media server.

The 2017-05-05 android security update patch also has a fix for a flaw that has its roots in media processing. The location of the vulnerability is in GIFLIB, which is a library that the OS uses for writing and reading GIF images. The GIFLIB flaw might not affect all android devices.

These vulnerabilities were critical, as a compromise of security would mean that the OS kernel is breached. This also means that the device would be totally compromised and user data would be exposed. As of now, Google is steadily releasing android security update patches to keep users from the onslaught of an intruder.

 

Real Time Analytics