Android security alert: CERT-In warns of high-risk vulnerabilities, suggests OS update

The Computer Emergency Response Team India (CERT-In) has issued a high-risk advisory, cautioning Android users about multiple vulnerabilities that could give attackers control over their devices. The warning applies to both older and newer Android OS releases, highlighting a widespread security concern.

Critical flaws across Android OS

CERT-In has identified critical flaws across several components of the Android operating system, including:

* Framework & Android Runtime

* System & Widevine DRM

* Project Mainline components & Kernel

* Components from Arm, Imagination Technologies, MediaTek, and Qualcomm

The agency has categorized these vulnerabilities as "high" severity, warning that successful exploitation could allow attackers to gain elevated privileges, steal sensitive information, execute arbitrary code, or cause denial-of-service (DoS) conditions. The advisory specifically targets users of Android 13, Android 14, Android 15, and the latest Android 16.

Patches and User Action

While Google has already released security updates to fix these vulnerabilities, the Android ecosystem requires smartphone manufacturers like Samsung, OnePlus, and Xiaomi to push these patches to their respective devices.

CERT-In has urged all users to download and install the latest security update as soon as possible to protect their devices. Users can typically find and install these updates through the "System Update" section in their device's settings.

The advisory also recommends that users avoid downloading applications from unknown sources, be cautious of suspicious links or messages, and ensure that built-in security features like Google Play Protect are enabled. The urgency of this patch underscores the constant battle between cybersecurity professionals and malicious actors, emphasizing the need for users to take proactive steps to safeguard their personal data.