The South Korean smartphone manufacturer Samsung Electronics has detailed the contents of the June 2018 Android security patch, which the device maker is going to distribute to its devices within the next few weeks. Aside from the vulnerabilities that Google already addressed in the latest security patch, the tech company also resolved three Samsung Vulnerabilities and Exposures (SVE) in its software, two of which are classified as critical security issues. One of the two critical security flaws addressed by the device maker can cause memory corruption, which means that attackers can utilize the exploit to modify the memory stored in the device. This vulnerability primarily affects devices that run Android Nougat and are powered either by an Exynos or a MediaTek chipset. Another critical vulnerability that was resolved by the tech firm is identified as a Keymaster architecture vulnerability and it affects devices that are equipped with an Exynos SoC and run Android Marshmallow, Nougat, and Oreo.
Aside from the two critical vulnerabilities, the latest security patch also fixes one moderate-level security exploit that exposes the location of a Trustlet, and this issue was resolved by removing the problematic code. The device maker further mentioned that there are other vulnerabilities that were fixed in this security patch, although the manufacturer has chosen not to provide details regarding these security issues to reduce the risk of exploitation.
Meanwhile, Google has also recently provided information regarding the contents of the June 2018 Android security patch. This security patch addresses five critical vulnerabilities identified in the media framework and the system partition of the search giant’s operating system. The most critical vulnerability that was resolved by the tech firm in the latest security patch is the remote code execution vulnerability located in the media framework of the operating system. The software package that contains the latest security patch should be rolling out to Samsung devices within the next few weeks, and users only need to wait for a notification stating the update is now available for download and installation. By updating to the latest security patch available for their devices, people will be protected from vulnerabilities that could be used to compromise their accounts and the important data stored in their handsets.