You know Google releases periodical Android security updates. They have recently rolled out February 2019 update with fixes to about 42 issues. Owing to the size of the updates, you might have skipped a few in the past. Should you skip this?
Well, I bet you shouldn’t. Among the 42 issues, they have fixed a critical vulnerability, which had the potential to bring your device to the graveyard. Let’s have a closer look at the problem.
Android has a Critical Security Bug and Google Fixed it on the Latest Update
Of course, nothing is flawless. Manufacturers often release updates to bring their devices close to perfectness. You know Google has its own device lineup. Moreover, they own the Android platform. For the same reason, the search engine titan has the responsibility to keep the users away from vulnerabilities.
The latest update fixed a deadly issue Android users have been facing. It could allow an attacker to seed a malware just by sending an image in PNG format. Once the users open the image, the malware gets activated and triggers havoc.
You know Google isn’t the supreme authority when it comes to releasing security patches for all the phones. They have released it for Pixel devices. However, for all the devices to be free from this glitch, the numerous manufacturers should roll out the update for their respective devices. You know the total Android devices outnumber Pixels in millions.
In this confusing context, how can you stay safe especially when you are a non-Pixel Android user? First, you shouldn’t open images from SMS or untrusted emails. If you don’t mind, you can check the extension and avoid PNG files as you know they are the real culprits here. Opening the infected PNG file will lead your device into a state where it automatically downloads the malware.
They have spotted the vulnerability in three forms (CVE-2019-1986, CVE-2019-1987, and CVE-2019-1988). It is relieving to know the issue affects only the devices running on Android 7.0 and higher. Google claimed no reports of the vulnerability going out of hand had been reported so far. However, they have released the security patch to prevent such incidents.
They have notified all their Android partners about the vulnerability before publishing the details. And, they also published the code patches to the Android Open Source Project (AOSP) repository.
As you already read, the official update has hit Pixel devices only. So, you will have to retract yourself from downloading and opening PNG files from unknown websites, email addresses, or numbers.