Google has fixed two critical bugs with the March 2023 Android update

Google recently rolled out the planned Android security update for March 2023, which addresses numerous security vulnerabilities. Two of these patches also address critical code execution bugs that affected multiple Android versions. Users should make sure to update their devices as soon as they receive the update to protect their devices.

Android March update fixes multiple vulnerabilities

The tech giant Google has rolled out monthly security updates for its Android users. With the March 2023 Update, Google has patched multiple vulnerabilities in several Android versions, releasing the updates in two installments.

The first episode, dated March 1, 2023, fixed vulnerabilities in the following components.

  • Frame: Received patches for 8 privilege escalation vulnerabilities, 2 information disclosure vulnerabilities, and 1 denial of service flaw. All of these vulnerabilities received a high severity rating.
  • System: Contains fixes for 2 critical remote code execution vulnerabilities: CVE-2023-20951 and CVE-2023-20954. These flaws affected Android 11, 12, 12L, and 13, allowing an adversary to exploit the flaw without user intervention. Additionally, Google has also patched 9 highly severe privilege escalation vulnerabilities, 5 information disclosure issues, and 2 DoS bugs.
  • GooglePlay: The patches address CVE-2023-20956 (for Media Codecs), CVE-2023-20947 (Permission Controller), CVE-2023-20929 (Tethering), and CVE-2022-20499 and CVE-2023-20910 (WiFi).

Following this release, Google released another update on March 5, 2023. It contains an important kernel patch for a highly severe privilege escalation vulnerability (CVE-2021-33655) in Frame Buffer. Moreover, the update also includes security fixes for MediaTek components, Unisoc and Qualcomm components, which the vendors have also released with details directly.

While Google has already rolled out these updates, not all Android users will receive the patches at the same time. That’s because the relevant Android device vendors have their own schedules for releasing updates.

Therefore, the users should remain vigilant without updating their devices as soon as they receive the relevant prompt. Users can also manually check for any updates for their devices through the “Institutions” menu card.

However, the devices must be running Android 11 or later as the older Android versions have reached their planned End-of-Life (EoL).

Let us know your opinion in the comments.

Leave a Comment