Go Ad-Free
    My Alerts
    Moneycontrol
    Moneycontrol PRO
    HomeTechnologyGovernment warns about multiple security flaws in Android: What users need to know

    Government warns about multiple security flaws in Android: What users need to know

    CERT-In has classified the vulnerabilities as high-risk, with potential impacts including privilege escalation, data theft, and denial-of-service (DoS) attacks. The advisory also mentions that one of the vulnerabilities (CVE-2024-53104) is already being actively exploited in the wild.

    Moneycontrol News
    February 06, 2025 / 17:39 IST
    Android

    The Indian Computer Emergency Response Team (CERT-In) has issued a security advisory (CIVN-2025-0013) warning about multiple vulnerabilities in Android. These flaws could allow attackers to gain unauthorised access, execute arbitrary code, and compromise system stability.

    What’s the warning?

    CERT-In has classified the vulnerabilities as high-risk, with potential impacts including privilege escalation, data theft, and denial-of-service (DoS) attacks. The advisory also mentions that one of the vulnerabilities (CVE-2024-53104) is already being actively exploited in the wild.

    Devices and Android versions affected

    The vulnerabilities affect devices running Android versions 12, 12L, 13, 14, and 15. Users of smartphones, tablets, smartwatches, and other devices based on Android are advised to take immediate precautions.

    Why this security flaw exists

    According to CERT-In, the vulnerabilities arise due to flaws in multiple Android components, including:

    Framework

    Platform

    System

    Conscrypt component

    Kernel

    Arm components

    Imagination Technologies

    MediaTek components

    Unisoc components

    Qualcomm components (including closed-source elements)

    These security weaknesses could be exploited to access sensitive user information, execute arbitrary code, or cause a device to crash.

    How to stay protected

    CERT-In recommends users and OEMs apply security updates as soon as they are available. The latest security patches can be found in the Android Security Bulletin:

    https://source.android.com/docs/security/bulletin/2025-02-01

    Users should also follow best security practices, including:

    Regularly updating their devices

    Avoiding installation of apps from untrusted sources

    Enabling Google Play Protect

    Being cautious of phishing attempts

    Invite your friends and family to sign up for MC Tech 3, our daily newsletter that breaks down the biggest tech and startup stories of the day

    Moneycontrol News
    first published: Feb 6, 2025 05:39 pm

    Discover the latest Business News, Sensex, and Nifty updates. Obtain Personal Finance insights, tax queries, and expert opinions on Moneycontrol or download the Moneycontrol App to stay updated!

    Subscribe to Tech Newsletters

    • On Saturdays

      Find the best of Al News in one place, specially curated for you every weekend.

    • Daily-Weekdays

      Stay on top of the latest tech trends and biggest startup news.

    Advisory Alert: It has come to our attention that certain individuals are representing themselves as affiliates of Moneycontrol and soliciting funds on the false promise of assured returns on their investments. We wish to reiterate that Moneycontrol does not solicit funds from investors and neither does it promise any assured returns. In case you are approached by anyone making such claims, please write to us at grievanceofficer@nw18.com or call on 02268882347