Not only users receive direct threats through deterrence techniques and advertising spam that can endanger our privacy, using the sending of emails using a fraudulent practice known as phishing. Criminals also find important security gaps in large technology companies where they know that data from millions of users coexists. Google is one of the most affected and two serious vulnerabilities have already been detected that are taking over mobile phones with Android system.
The digital age not only surprises with improvements and additions that promote productivity among users, but, unfortunately, there are situations in which we must be cautious if we want to save our reputation.
However, many times we do not realize that we can make a fatal mistake if we download certain applications from third-party online stores or if we click on suspicious links, where most usually contain corrupt files. But the worst of all is that cyber attackers find a way to get into operating systems even when we have done everything to prevent it. In the case in question, Google has detected unauthorized access that compromises your personal information. How to avoid it?
Two zero-day vulnerabilities
If this term is not familiar to you or you are not familiar with it, zero-day vulnerabilities are those that have just been identified by cybersecurity experts, in such a way that bad actors have had free rein for a while without being discovered. Without a doubt, this is one of the most dangerous misfortunes that exist and can affect a large number of devices.
Luckily, Google has managed to find them, reporting two extremely serious bugs in Android out of the 51 improper accesses that have been prevented, actively exploited during the November security updates. Identified as CVE-2024-43047 and CVE-2024-43093, the first corresponds to a sudden exploit affecting closed source Qualcomm chips within the Android kernel, with an elevation of privileges, the releveling of which took place in early October as a problem in your digital signal processor (DSP) service. The second also allows privilege escalation that damages the Android Framework component and Google Play updates.
The North American company did not want to offer details of the perpetrators of this incident. It was clarified that the intentions were directed with spyware attacks, although, once again, without indicating exactly who or whom.
How can I prevent them from accessing my data?
Experts guarantee that the security problems have been completely solved, severely affecting Android versions 12, 13, 14 and 15. According to Google, two patches have already been published in the month of November to address the main vulnerabilities of its system operational, with 17 and 34 corrections, respectively.
To be completely sure that you have installed the latest Android updates, you should go to Settings, Security and privacy, System and updates, Security update. You can also do this from Device Information, and then tap Software Update.
In short, if you want to keep all your files safe, the best thing you can do is check from time to time for updates so that no vulnerability can harm you.
