Google has released over 50 security patches for the Android platform in its March 2023 security updates. Two remote code execution flaws in the System component are the most severe issues, both of which were resolved as part of the 2023-03-01 security patch level.
Eight security defects in the Framework component, all rated ‘high’ severity, were also resolved. Google stated that the most critical issue is a critical security vulnerability in the System component that could lead to remote code execution with no additional execution privileges needed.
The second part of the March 2023 Android updates addressed an additional 29 vulnerabilities, which affect the Android Kernel, MediaTek, Unisoc, Qualcomm, and Qualcomm closed-source components.
Most of the vulnerabilities are high-severity flaws, except for two bugs in Qualcomm closed-source components, which are rated ‘critical’. Google has not released any Android Automotive OS security patches this month but did not mention security updates for Pixel phones. Typically, Pixel updates are announced simultaneously with new Android patches each month.
It is highly recommended that Android users install these security patches to keep their devices protected. With remote code execution vulnerabilities that require no additional privileges, hackers could potentially take over users’ devices, making it even more important to update as soon as possible.
The vulnerabilities that were resolved in the March 2023 security updates could have been exploited by attackers to compromise users’ devices, steal sensitive data, and carry out other malicious activities.
