Google fixes two Android zero-days used in targeted attacks


Google’s November Android security updates fix 51 vulnerabilities, including two actively exploited zero-day flaws (CVE-2024-43047 and CVE-2024-43093). CVE-2024-43047, a high-severity privilege elevation flaw in Qualcomm components, and CVE-2024-43093, affecting the Android Framework, were both used in limited, targeted attacks. Researchers from Amnesty International linked CVE-2024-43047 to potential spyware attacks. The update, covering Android versions 12 to 15, includes two patch levels, with vendor-specific fixes in the November 5 patch. Android 11 and older versions may receive critical updates via Google Play, but upgrading devices is recommended for improved security.

Read More


thumb-image

Solutions