If you have an Android smartphone in your pocket then you must check that it’s updated with the most recent software as soon as possible. That’s the latest ‘severe’ alert from Google who says a number of bugs have been spotted that could put devices at risk of attack from cyber crooks.
A total of 51 vulnerabilities have been fixed in the latest November update making it a major release from Google. Glitches aren’t anything new but what makes this alert more scary is that two of the flaws have been given the dreaded “zero-day” rating.
For those not up to speed with the latest tech jargon, zero-day means the bug has already been spotted and is being actively exploited in the wild. That’s why it’s so important to keep an eye out for the latest Android software patches and install them without delay.
“The Android Security Bulletin contains details of security vulnerabilities affecting Android devices. Security patch levels of 2024-11-05 or later address all of these issues,” Google explained in an update.
It’s thought that those targeted by the issues could become victims of nasty spyware attacks where hackers watch what they are doing on devices. There’s also the possibility of something called ‘remote code execution’ where crooks can install things onto devices without needing physical access.
“The most severe of these issues is a high security vulnerability in the System component that could lead to remote code execution with no additional execution privileges needed,” said Google.
This patch has now been released so it’s a good idea to check your setting. However, it might take a few days before each phone manufacturer, such as Samsung, releases its own set of bug fixes so be patient.
How to update your device
• Open your device’s Settings app.
• Tap System and then Software update.
• You’ll find your update status. Follow any steps on the screen.
News of this update comes as Android users have also been placed on red alert over a new “FakeCall” bug. This vicious malware was actually first spotted all the at back in 2022 but it’s now seen a shock resurgence and is more troublesome than ever.
Once installed, the latest version of FakeCall can set about redirecting phone calls with users being put through to scammers when they think they are simply ringing their bank.
Zimperium has confirmed that it works by taking over Android’s call handler setting which then allows cyber crooks to manipulate both incoming and outgoing calls.