OR Samsung September security updates began to be released on Android to correct critical security vulnerabilities in its operating system and to improve the overall capabilities of its devices.
This week Google released its security updates Android for September 2020, which include many security patches for critical vulnerabilities affecting the latest devices.
As observed, the devices Samsung Galaxy started updating automatically today, September 10th.
These updates include many improvements to Wi-Fi connectivity, including its Keyboard Samsung and the Messages app, along with some pretty important security fixes. There are also optimizations to the Pro Video capability of the camera.
All the vulnerabilities encountered in this update have been described as either "High" or "Critical" seriousness, making the update necessary for the users of the company, so that their devices remain safe.
One of the most critical vulnerabilities is CVE-2020-0245, which affects the Media Framework component and allows both remote code execution and the disclosure of important information.
Other notable vulnerabilities that are fixed in this update include:
Framework
| CVE | References | Type | Severity | Updated AOSP versions |
|---|---|---|---|---|
| CVE-2020-0074 | A-146204120 | EoP | High | 8.0, 8.1, 9, 10 |
| CVE-2020-0388 | A-156123285 | EoP | High | 10 |
| CVE-2020-0391 | A-158570769 | EoP | High | 9, 10 |
| CVE-2020-0401 | A-150857253 | EoP | High | 8.0, 8.1, 9, 10 |
| CVE-2020-0382 | A-152944488 | ID | High | 10 |
| CVE-2020-0389 | A-156959408 | ID | High | 10 |
| CVE-2020-0390 | A-157598026 | ID | High | 10 |
| CVE-2020-0395 | A-154124307 | ID | High | 8.0, 8.1, 9, 10 |
| CVE-2020-0397 | A-155092443 | ID | High | 8.0, 8.1, 9, 10 |
| CVE-2020-0399 | A-153993591 | ID | High | 8.0, 8.1, 9, 10 |
Media Framework
| CVE | References | Type | Severity | Updated AOSP versions |
|---|---|---|---|---|
| CVE-2020-0245 | A-152496149 | ID | High | 10 |
| RCE | Critical | 8.0, 8.1, 9 | ||
| CVE-2020-0392 | A-150226608 | EoP | High | 9, 10 |
| CVE-2020-0381 | A-150159669 | ID | High | 8.0, 8.1, 9, 10 |
| CVE-2020-0383 | A-150160279 | ID | High | 8.0, 8.1, 9, 10 |
| CVE-2020-0384 | A-150159906 | ID | High | 8.0, 8.1, 9, 10 |
| CVE-2020-0385 | A-150160041 | ID | High | 8.0, 8.1, 9, 10 |
| CVE-2020-0393 | A-154123412 | ID | High | 9, 10 |
System
| CVE | References | Type | Severity | Updated AOSP versions |
|---|---|---|---|---|
| CVE-2020-0380 | A-146398979 | RCE | Critical | 8.0, 8.1, 9, 10 |
| CVE-2020-0396 | A-155094269 | ID | Critical | 8.0, 8.1, 9, 10 |
| CVE-2020-0386 | A-155650356 | EoP | High | 8.0, 8.1, 9, 10 |
| CVE-2020-0394 | A-155648639 | EoP | High | 8.0, 8.1, 9, 10 |
| CVE-2020-0379 | A-150156492 | ID | High | 8.0, 8.1, 9, 10 |
On selected devices Samsung Galaxy, the updates launched this week are dated "2020-09-01". This means that the seriousness vulnerabilities (EoPs) that need to be corrected by the "security update 2020-09-05" are still exploitable.
Only one of these vulnerabilities, CVE-2020-0402, for example, can allow a user to gain permissions on a device so that it can unlock it and access the file system.
It is recommended that you update your devices immediately, which will happen automatically if you have the "auto-update" settings enabled.
A full description of the improvements can be found at website of Samsung.
ETERBASE $ 5 million made wings
Comment Policy:
IGuRu.gr does not post comments directly. Malicious comments, comments that include ads, or comments with insults are deleted without any notice. We do not adopt the views expressed by our readers.
Your comments will be displayed after approval by the administrators