July is here – and so are the latest Android security fixes. Plenty of critical updates for all

Patch, punch, it's the first of the month

Google today posted a fresh round of Android security fixes.

The July update addresses a total of 33 CVE-listed vulnerabilities, nine of them classified as critical risks.

At the basic 2019-07-01 level, a dozen bugs are addressed. Five of those would allow for remote code execution if exploited; three (CVE-2019-2106, CVE-2019-2107, CVE-2019-2100) in the Android media framework, while another (CVE-2019-2105) is in Android Library and the fifth (CVE-2019-2105) is found in the System. All would be triggered by opening a specially-crafted file.

Of the remaining CVEs, five (CVE-2019-2104 in Framework and CVE-2019-2116, CVE-2019-2117, CVE-2019-2118 and CVE-2019-2119 in System) are for information disclosure bugs and two (CVE-2019-2112, CVE-2019-2113) are elevation of privilege vulnerabilities.

The 01 level patches are the minimum required level for Android device makers and service providers. Those needing patches for additional components (such as for Qualcomm components) will get the 2019-07-05 patch bundle.

This month, the 05 level consists of fixes for 21 flaws, all in Qualcomm software. Those, in turn, are divided into two groups: eight CVE entries for open-source components and 13 entries for closed-source products where Qualcomm does not provide specific information on the nature of the flaw or the exact component.

Man browses his tablet and ignores the beach. Photo by shutterstock

It is with a heavy heart that we must report that your software has bugs and needs patching: Microsoft, Adobe, SAP, Intel emit security fixes


Ten of the closed-source component CVEs were for issues rated as High security risks; generally this means things like elevation of privilege and information disclosure flaws. Another three were classified as critical, which usually means a remote code execution vulnerability that requires little to no user interaction to exploit.

Of the open source Qualcomm fixes, two (CVE-2019-2308 in DSP_Services and CVE-2019-2330 in Kernel) were classified as critical. The other six were labeled high severity and were found in WLAN Host (CVE-2019-2276, CVE-2019-2307), WLAN Driver (CVE-2019-2305), HLOS (CVE-2019-2278), and Audio (CVE-2019-2326, CVE-2019-2328).

Those using Google branded devices, such as supported the Pixel phones, should be able to get the July updates shortly, while others will need to wait for their device maker or service provider to get the patches for their gear.

If available, admins will likely want to test and install the patches before July 9th, when things will get a bit busier thanks to Microsoft, Adobe, and SAP all delivering their monthly Patch Tuesday bundle of security fixes. ®

Similar topics

Other stories you might like

  • The future: Windows streaming through notched Apple screens

    Choice is the word for Jamf's Dean Hager

    Interview As Apple's devices continue to find favour with enterprise users, the fortress that is Windows appears to be under attack in the corporate world.

    Speaking to The Register as the Jamf Nation User Conference wound down, the software firm's CEO, Dean Hager, is - unsurprisingly - ebullient when it comes to the prospects for Apple gear in the world of suits.

    Jamf specialises in device management and authentication, and has long been associated with managing Apple hardware in business and education environments. In recent years it has begun connecting its products with services such as Microsoft's Azure Active Directory as administrators face up to a hybrid working future.

    Continue reading
  • There’s a wave of ransomware coming down the pipeline. What can you do about it?

    AI can help. Here’s how…

    Sponsored The Colonial Pipeline attack earlier this year showed just how devastating a ransomware attack is when it is targeted at critical infrastructure.

    It also illustrated how traditional security techniques are increasingly struggling to keep pace with determined cyber attackers, whether their aim is exfiltrating data, extorting organisations, or simply causing chaos. Or, indeed an unpleasant combination of all three.

    So, what are your options? More people looking for more flaws isn’t going to be enough – there simply aren’t enough skilled people, there are too many bugs, and there are way too many attackers. So, it’s clear that smart cyber defenders need to be supplemented by even smarter technology incorporating AI. You can learn what this looks like by checking out this upcoming Regcast, “Securing Critical Infrastructure from Cyber-attack” on October 28 at 5pm.

    Continue reading
  • Ransomware criminals have feelings too: BlackMatter abuse caused crims to shut down negotiation portal

    Or so says infsec outfit Emsisoft

    Hurling online abuse at ransomware gangs may have contributed to a hardline policy of dumping victims' data online, according to counter-ransomware company Emsisoft.

    Earlier this month, the Conti ransomware gang declared it would publish victims' data and break off ransom negotiations if anyone other than "respected journalist and researcher personalities" [sic] dared publish snippets of ransomware negotiations, amid a general hardening of attitudes among ransomware gangs.

    Typically these conversation snippets make it into the public domain because curious people log into ransomware negotiation portals hosted by the criminals. The BlackMatter (aka DarkSide) gang's portal credentials (detailed in a ransom note) became exposed to the wider world, however, and the resulting wave of furious abuse hurled at the crims prompted them to pull up the virtual drawbridge.

    Continue reading

Biting the hand that feeds IT © 1998–2021