Google Addresses Two Actively Exploited Android Zero-Days in November Security Updates

November 5, 2024

Google has patched two zero-day vulnerabilities in Android that were being actively exploited in the wild. The patches were part of Google's November security updates, which addressed a total of 51 vulnerabilities. The two zero-days, identified as CVE-2024-43047 and CVE-2024-43093, were used in limited, targeted attacks. Google's advisory states, "There are indications that the following may be under limited, targeted exploitation."

The CVE-2024-43047 flaw is a high-severity use-after-free issue found in closed-source Qualcomm components within the Android kernel. This flaw allows for privilege escalation and was first disclosed by Qualcomm in early October 2024. It was identified as an issue in Qualcomm's Digital Signal Processor (DSP) service.

The second zero-day, CVE-2024-43093, is also a high-severity elevation of privilege flaw. This one affects the Android Framework component and Google Play system updates, specifically in the Documents UI. The discoverer of the CVE-2024-43093 vulnerability was not disclosed by Google.

While details of how the vulnerabilities were exploited have not been shared by Google, it's suggested that the CVE-2024-43047 flaw, discovered by researchers at Amnesty International, may have been used in targeted spyware attacks.

Among the 49 other flaws addressed in this update, one critical issue, CVE-2024-38408, also affects Qualcomm's proprietary components.

The security concerns addressed in this round of updates affect Android versions 12 through 15, with some issues being specific to certain versions of the mobile operating system. Google releases two patch levels each month, the first addressing core Android vulnerabilities and the second including vendor-specific fixes. This month, 17 issues were addressed in the first patch level and an additional 34 in the second.

To implement the latest update, users should navigate to Settings > System > Software updates > System update or Settings > Security & privacy > System & updates > Security update. A system restart is necessary to apply the update.

For Android 11 and older versions, which are no longer supported, security updates for critical issues may still be provided through Google Play system updates, but this is not guaranteed. The recommended action for users still operating these older versions is to either upgrade their devices or use a third-party Android distribution that includes the most recent security patches.

Related News

• Qualcomm Addresses High-Risk Zero-Day Vulnerability in DSP Service

Latest News

• Custom 'Pygmy Goat' Malware Targets Sophos Firewall in Government Network Attack
• Ollama AI Framework Vulnerabilities: DoS, Model Theft, and Poisoning Possible
• Microsoft SharePoint Remote Code Execution Vulnerability Exploited in Corporate Network Breach
• Critical Authentication Vulnerabilities Threaten Smart Factory Equipment
• Critical Zero-Day Vulnerabilities Found in PTZ Cameras: Hackers on the Prowl