The Computer Emergency Response Team (CERT-In) under the Ministry of Electronics and Information Technology has issued an important warning for older Android devices, specially Android version 13 and older. CERT on its official website has highlighted several vulnerabilities in the Android operating system that can pose significant risks to users.
CERT has labeled the vulnerabilities found in the Android OS as ‘CRITICAL,’ indicating the potential for severe repercussions if they are exploited. The government further warns that if these vulnerabilities are exploited, they will open the door for attackers to carry out a range of malicious actions, including executing their own code on the device, gaining elevated privileges, accessing sensitive user information, and even causing a denial out of service (DoS) situation where the device becomes inoperable. In simple terms, these security flaws can allow hackers to take control of your Android device, steal your data, or render it unusable.
Affected Android Devices
According to CERT, the vulnerabilities exposed primarily affect Android devices running older versions of the operating system, specifically Android versions 11, 12, 12L, and 13.
The concern is that these vulnerabilities are not limited to any one component; Instead, they are found in different parts of the Android system. It includes critical components such as frameworks, systems, Google Play system updates, as well as components from various hardware manufacturers such as Arm, MediaTek, Unisoc, Qualcomm, and even closed-source components from Qualcomm’s.
Luckily, Google has already released an update to the Android OS that fixes the issues. Therefore, users are asked to update their devices immediately and take necessary security measures to protect their devices and phones.
How to protect your smartphone
Here are some security tips that users need to follow to keep their devices safe from vulnerabilities and other future malicious attacks.
- Apply security patches immediately: The government warning specifically mentions that some vulnerabilities may already be subject to active exploitation. Therefore, the most immediate and effective step to protect your device is to apply security patches by updating the OS. These patches are designed to fix identified vulnerabilities and enhance the security of your device.
- Keep your Android OS updated: It is important to update your Android operating system regularly. This ensures that you have the latest security features and improvements that can help protect your device from known vulnerabilities.
- Be careful when downloading apps: Use caution when downloading and installing apps, specially from unofficial sources. Avoid third-party apps and stick to trusted app stores like Google Play Store. Additionally, be mindful of the permissions you give to apps.
- Review app permissions: Periodically review the permissions granted to apps on your device. Revoke permissions that seem excessive or unnecessary to the app’s functionality.
- Back up your data: Regularly back up your data to an external source or cloud storage. This can ensure that your valuable information is safe in case of any unexpected events.
