Android’s Latest Security Update Patches Spyware-Exploited Mali GPU Kernel Driver Flaw

In the latest Android security update, Google addresses 56 vulnerabilities, including five with a critical severity rating. Notably, one high-severity flaw has reportedly been exploited in a spyware campaign targeting Samsung devices since at least December of 2022.

The most alarming among these vulnerabilities, tracked as CVE-2022-22706, affects the Mali GPU kernel driver, a technology from ARM extensively used in various Android devices. As Google states in its most recent bulletin, indications of "limited, targeted exploitation" of this particular flaw have been indicated.

Exploitation could let a non-privileged user achieve write access to read-only memory pages on vulnerable devices. Google's Threat Analysis Group (TAG) has already attributed this to an orchestrated spyware campaign primarily directed at Samsung devices. Despite the worrisome findings, Google responded promptly to the issues identified.

Another shortcoming that Google's latest security patch addresses is a high-severity system-level vulnerability that would allow threat actors to perform remote code execution (RCE) with no additional privileges.

"The most severe of these issues is a critical security vulnerability in the System component that could lead to remote code execution over Bluetooth, if HFP support is enabled, with no additional execution privileges needed," reads Google's security advisory. "User interaction is not needed for exploitation."

The tech giant already released patches for these vulnerabilities in its latest monthly security update for Android. While the company remains vigilant, it emphasizes that users need to update their devices promptly to benefit from the security improvements.

The report on these vulnerabilities is a strong reminder of the persistent security challenges faced in the Android ecosystem. With this latest patch rollout, Google continues demonstrating its commitment to protecting Android users.

Device manufacturers and users must now do their part, ensuring the latest updates are applied promptly to maintain the security and integrity of their devices.

Additional assistance from specialized software like Bitdefender Mobile Security for Android can help you keep your device safe in the face of digital threats, with features like:

• App anomaly detection that constantly monitors apps installed on your device and takes instant action upon detecting suspicious activity
• Comprehensive malware scanner that provides you with in-depth analyses regarding threats that you're protected against
• Scam alert module that safeguards your texts and notifications to prevent you from falling victim to scams