The regularity with which Google releases updates for Android is more than offset by the disruption in distribution. After all, a rare smartphone today receives them on time and in the right amount. In most cases, updates either reach the devices with a long delay, or do not reach them at all. With Google, bribes seem to be smooth here – although the company provides manufacturers with access to its operating system, it cannot force them to optimize intermediate security patches, whatever one may say. Apparently, therefore, it was decided to take the quantity.
Usually Google allows itself to release only one update, but not two.
Google released two updates at once for Android this week. Initially, owners of Google Pixel smartphones will be able to download them, and then access to them will open for all other devices. Of course, provided that the manufacturers themselves undertake their adaptation. Technically, both updates are security patches that are released every month. But usually Google is limited to only one update, and then suddenly presented as many as two, which is very, very atypical for it. True, there is still an explanation for this.
Why updates are needed Android
These updates are aimed at fixing various kinds of vulnerabilities
- The first is a traditional security update that fixes bugs and critical vulnerabilities in the operating system itself Android.
- The second is an update aimed at fixing flaws in the hardware components of Qualcomm, MediaTek and Broadcom.
Both updates fix some pretty gross security flaws, Google said. The company did not particularly dwell on their nature, but noted that they strongly recommend manufacturers not to delay the optimization of patches and release them for their smartphones as soon as possible. From this, explained in Google, depends on how protected users will be, since the vulnerabilities in question affect most modern devices.
Like most of the vulnerabilities found in Android, these also allow attackers to remotely take control of vulnerable devices. True, there is one small but: for this they will have to create a special file and somehow convince the potential victim to download it to themselves. Not to say that this is especially difficult, for example, if the attack is massive. It is enough to place a popular application with a malicious file in the public domain. But getting a specific person to download this file will be very, very difficult.
Why vulnerabilities are dangerous Android
Vulnerabilities are quite dangerous, but they can still be resisted
The unpleasant feature of such vulnerabilities is that, unlike Trojans and spyware that infiltrate our devices, they do not require permission. That is, all that is required of the attacker is to get the malicious component loaded, and then he will automatically activate the broken mechanism and open the backdoor. And already through it, an attacker can either steal data stored on the device, or simply take full control over it and read SMS, listen to calls and track all the activity of his victim.
Generally speaking, vulnerabilities are a rather unpleasant phenomenon. However, it is actually easier to protect yourself from their exploitation by outsiders than it might seem at first glance. All you need is that you refuse to download applications and files from the Internet using only Google Play, and also be careful with downloading media attachments that are sent to you through instant messengers, and not follow unfamiliar links. Some of them can provoke the automatic download of malicious files, and then your message is gone.