Google has officially released a security update for Android addressing two zero-day vulnerabilities that the company confirmed are currently being leveraged in limited, targeted attacks. These flaws allow unauthorized actors to compromise devices in real-world scenarios, prompting an urgent call for users to update their systems.
The Amnesty International Connection
One of the critical bugs, tracked as CVE-2024-53197, was brought to light through a collaboration between Amnesty International and Benoît Sevens of Google’s Threat Analysis Group (TAG).
The discovery stems from investigations into Cellebrite, a firm that provides law enforcement with digital forensic tools. Amnesty revealed that these tools utilized a chain of three zero-day vulnerabilities to bypass security on Android devices. Specifically, the exploit was identified being deployed by local authorities against a student activist in Serbia.
Kernel-Level Vulnerabilities
While details remain scarce regarding the second vulnerability, CVE-2024-53150, Google confirmed it was also discovered by Sevens. This flaw resides within the kernel—the core of the Android operating system—making it a high-priority target for security hardening.
Severity and Escalation Risks
Google’s security advisory highlights that the most severe of these issues involves a critical vulnerability in the System component. This flaw facilitates remote privilege escalation without requiring any additional execution permissions or interaction from the user. Because the exploit can be triggered silently, it poses a significant threat to device integrity.
Patch Deployment and User Safety
In response to the active exploitation, Google has committed to pushing source code patches for both zero-days within 48 hours of its advisory. The company maintains a policy of notifying Android partners of security issues at least one month prior to public disclosure to facilitate device-specific updates.
However, due to the open-source nature of Android, the speed of protection depends on individual manufacturers. Each phone maker is responsible for integrating these patches and delivering them to their respective user bases. Users are advised to check their device settings for available security updates immediately to ensure their hardware is protected against these active exploits.
Google has not provided further comment on the specifics of the investigation, and Amnesty International noted they have no additional information to share at this time.
For more details on the full Android security bulletin, visit the official developer portal.