Google has announced a new security update that will fix two critical zero-day bugs.
According to TechCrunch, hackers exploited the issues, and Google stated that the bugs “may be under limited, targeted exploitation.”
One of the security flaws, identified and tracked by Amnesty International as CVE-2024-53197, was a fault in the sound device that could allow sound cards to be emulated, allowing potential access to the phone.
Amnesty International revealed that local authorities in Serbia exploited this flaw by misusing Cellebrite, a data tracking company for forensics and law enforcement agencies, to compromise the phone of a Serbian student activist.
The second exploit, marked as CVE-2024-53150, did not have much information about it, but it was stated that it had been found within the kernel and patched.
The tech giant has stated that they will push patch fixes within 48 hours of the advisory and that Android partners will be notified of all issues at least a month before they are published online.
Source: Android Police, TechCrunch, Amnesty International
MobileSyrup may earn a commission from purchases made via our links, which helps fund the journalism we provide free on our website. These links do not influence our editorial content. Support us here.
