A total of 60 different errors, including two critical ones remote code execution vulnerabilities were patched with the release of Google’s March 2023 Android security updates.
As reported by Beeping computer (opens in new tab)these errors affect the best android phones with Android 11, Android 12 and Android 13. This time, however, Google’s latest fixes are delivered through two separate security patch levels: 01/03/2023 and 05/03/2023.
While the first package contains 31 fixes for core Android components such as Framework, System, and Google Play, the second package has 29 fixes for the Android kernel and third-party components from Qualcomm, MediaTex, and Unisoc.
Android users will want to download and install these security updates as they become available, as the two critical remote code execution flaws can be exploited without any user intervention.
Critical remote code execution errors
In a security bulletin (opens in new tab) for the March 2023 Android security updates, Google explains that of the patched issues, the most serious is a “critical security vulnerability in the system component that could allow remote code execution without the need for additional executable privileges.”
The two critical errors are tracked as CVE-2023-20951 and CVE-2023-20954. However, the search giant has added additional information about them to prevent hackers from exploiting them before Android users can apply the new updates.
When it comes to third-party vendors, there are also two critical bugs that affect Qualcomm components and are tracked as CVE-2022-33213 and CVE 2022-33256.
So far we haven’t heard about these flaws being actively exploited in the wild, but hackers could be developing exploits for them at this point. That’s why it’s so important to keep your Android smartphone up to date.
How to update your Android smartphone
To check if these new security updates are available for your Android smartphone, first go to InstitutionsThan System and tap System update before clicking the “Check for updatesbutton. You can also go to Institutionsthen to Security and privacytap on updates and then Security update.
Unfortunately devices work Android 10 or lower will not receive these patches when they reach end of life (EoL) last September. Still, there may be some important security fixes available as Google Play system updates that you can access from the Institutions menu by going to Security and privacy, updates and then Google Play system update.
If you have an older Android phone that still works fine but is no longer receiving security updates, you may want to look into installing a custom rom like LineageOS or GrapheneOS because they both provide up-to-date OS images for devices that are no longer supported by their manufacturers. However, if installing a custom rom seems like a daunting task, it may be time to upgrade to a new device.
When it comes to protecting against mobile threats, you need to take care of it Google Play Protect is enabled on your smartphone, but you can also use one of the best antivirus apps for android for added protection.
We’ll likely hear more from Google about these two critical remote code execution flaws once enough users install the latest Android security updates.