Google has issued its April 2019 set of security patches for the Android platform, which rectifies three crucial flaws, including two that impact the Media framework component.
Attackers could exploit remotely the two security vulnerabilities, tracked as CVE-2019-2027 and CVE-2019-2028, mainly to effect code on susceptible devices. Android versions 7.0, 7.1.1, 7.1.2, 8.0, 8.1, and 9 are affected.
According to Google, the most serious of these problems is a critical security weakness in Media framework that could allow a distant attacker using a specially crafted file to perform random code within the setting of a privileged method.
Both viruses were highlighted as part of the 2019-04-01 security patch level, in addition to one high severity flaw in Framework and 8 High risk issues in System.
The second part of this month’s security solutions, included in the 2019-04-05 security patch level, highlights over 75 susceptibilities in System and open and closed-source Qualcomm components.
The first of the four problems repaired in System is a Serious remote code implementation virus that affects Android 7.0, 7.1.1, 7.1.2, 8.0, 8.1, and 9, the same as the faults in Media framework. The rest of the three are High risk viruses.
Another Serious susceptibility was addressed in Qualcomm components, along with 29 other High severity defects. Of the 30 viruses, 29 affect WLAN HOST, and only one impacts Kernel.
Of the 44 vulnerabilities patched in Qualcomm closed-source components, 6 were rated Critical and 38 were rated High severity.
Although no Pixel security fixes were included in the April 2019 Pixel Update Bulletin, the tech giant did issue some functional patches for Pixel devices, to better the functionality of assistant, Wi-Fi connectivity, and display functionality of Pixel 3 and Pixel 3 XL, and Bluetooth connectivity on Pixel and Pixel XL.