Article Details
Scrape Timestamp (UTC): 2024-11-05 14:31:03.450
Original Article Text
Click to Toggle View
Google fixes two Android zero-days used in targeted attacks. Google fixed two actively exploited Android zero-day flaws as part of its November security updates, addressing a total of 51 vulnerabilities. Tracked as CVE-2024-43047 and CVE-2024-43093, the two issues are marked as exploited in limited, targeted attacks. "There are indications that the following may be under limited, targeted exploitation," says Google's advisory. The CVE-2024-43047 flaw is a high-severity use-after-free issue in closed-source Qualcomm components within the Android kernel that elevates privileges. The flaw was first disclosed in early October 2024 by Qualcomm as a problem in its Digital Signal Processor (DSP) service. CVE-2024-43093 is also a high-severity elevation of privilege flaw, this time impacting the Android Framework component and Google Play system updates, specifically in the Documents UI. Google did not disclose who discovered the CVE-2024-43093 vulnerability. While Google did not share any details on how the vulnerabilities were exploited, as researchers at Amnesty International discovered CVE-2024-43047, it could indicate that the flaw was used in targeted spyware attacks. Out of the remaining 49 flaws fixed this time, only one, CVE-2024-38408, is classified as critical, also impacting Qualcomm's proprietary components. The security issues fixed this month impact Android versions between 12 and 15, with some being limited to specific versions of the mobile operating system. Google issues two patch levels each month, in this case, November 1 (2024-11-01 Patch Level) and November 5 (2024-11-05 Patch Level). The first level addresses core Android vulnerabilities, with 17 issues this time, while the second patch level encompasses those plus vendor-specific fixes (Qualcomm, MediaTek, etc.), counting an additional 34 fixes this month. To apply the latest update, head to Settings > System > Software updates > System update. Alternatively, go to Settings > Security & privacy > System & updates > Security update. A restart will be required to apply the update. Android 11 and older are no longer supported but may receive security updates to critical issues for actively exploited flaws through Google Play system updates, though that's not guaranteed. The best course of action for devices still running those older releases should be either to replace them with newer models or use a third-party Android distribution that incorporates the latest security fixes.
Daily Brief Summary
Google resolved two zero-day vulnerabilities in Android, being exploited in precise, targeted attacks as part of its November security updates.
The vulnerabilities, identified as CVE-2024-43047 and CVE-2024-43093, were actively exploited, affecting Qualcomm components, and the Android Framework respectively.
CVE-2024-43047, disclosed by Qualcomm, involves a use-after-free issue in its DSP service that permits elevation of privileges.
CVE-2024-43093 affects Google Play updates and Android Framework, specifically targeting the Documents UI, raising privileges without disclosed detection origin.
Of the 51 total vulnerabilities addressed, 49 were other issues, with one marked as critical—again involving Qualcomm’s proprietary components.
Android devices running versions 12 through 15 received patch updates, split into two levels, addressing core and vendor-specific vulnerabilities.
Users are advised to install the latest updates via system settings to protect against potential exploits, with older versions like Android 11 receiving limited support.