Summarize

Simplifying... Inshort

Android users, beware! CERT-In has flagged high-severity security flaws in various parts of the Android ecosystem, including leading hardware vendors like MediaTek and Qualcomm.
To keep your device safe, it's crucial to install updates promptly, download apps only from trusted sources like Google Play Store, and enable security features like two-factor authentication.
Stay alert for unusual phone behavior, such as unexpected crashes or rapid battery drain, which could indicate exploitation.

Was a long read? Making it simpler...

Next Article

The flaws affect Android versions 12 to 15

Centre issues high-severity warning for Android: Is your phone safe?

By Akash Pandey

Nov 27, 2024

06:29 pm

What's the story

The Indian Computer Emergency Response Team (CERT-In), under the Ministry of Electronics and Information Technology, has issued a high-severity warning regarding multiple security flaws in Android. The vulnerabilities could allow unauthorized data access, system instability, and potential data breaches. The flaws affect Android versions 12 to 15. They impact a range of devices from smartphones to tablets, watches, and other embedded systems running on the affected versions.

Vulnerability details

Flaws originate from various components within Android ecosystem

The security flaws flagged by CERT-In stem from different parts of the Android ecosystem. They include the Framework, System, Google Play system updates, and Kernel. Further, certain vulnerabilities have also been found in components from leading hardware vendors like MediaTek, Qualcomm, and Imagination Technologies. If exploited, these vulnerabilities could give attackers access to sensitive information on the device or elevated privileges for unauthorized system control.

User guidance

Potential risks and recommended actions

The potential risks of these flaws are rated high, stressing the need for users and OEMs to patch them immediately. CERT-In recommends Android users and OEMs to remain vigilant and install updates as soon as they are available. They are critical to reduce the risks and prevent exploitation. Along with updates, CERT-In also recommends downloading apps only from trusted sources like Google Play Store and avoiding sideloading apps from unverified platforms as they may carry malware.

Security steps

Additional security measures suggested by CERT-In

CERT-In also advises users to enable built-in security features like app permissions, two-factor authentication, and device encryption to limit exposure. Users should also remain alert for abnormal behavior like unexpected crashes or rapid battery drain, which could be a sign of potential exploitation. Once an update is available, users can update their Android phones by heading over to Settings > System Upgrade and installing the available update.