The Computer Emergency Response Team (CERT-In), operating under the Ministry of Electronics and Information Technology, has issued a ‘high’ security risk warning targeting Android smartphone users. The official advisory cautions against ‘multiple vulnerabilities’ that, if left unaddressed, could potentially grant attackers unauthorized access to sensitive data. The recommended solution involves promptly updating apps via the official Play Store and checking for available Android OS updates.
High-security risk warning issued for Android users by CERT-In
The magnitude of this security risk extends to users of smartphones running Android 11, Android 12, and Android 13. Additionally, those using Android 12L-based operating systems on tablets and foldable devices are also susceptible.
The CERT advisory states, "Multiple vulnerabilities have been reported in Android which could allow an attacker to gain elevated privileges, obtain sensitive information, execute remote code, or cause denial of service conditions on the target system."
Elaborating further on these vulnerabilities, the advisory stated, "Multiple vulnerabilities exist in Android due to flaws in Qualcomm components, Framework, Google Play system, System and Qualcomm closed-source components. Successful exploitation of these vulnerabilities could allow the attacker to gain elevated privileges, obtain sensitive information, execute remote code, or cause denial of service conditions on the target system."
This security risk has the potential to impact a significant number of users in India, given the country's substantial Android user base. According to Statista, Android commanded a dominant 95.26 per cent share of the mobile operating system market in India in 2022.
How to stay safe from the potential Android risks?
In light of the recent security risks, the primary safeguard entails ensuring your smartphone remains up-to-date. This begins with keeping all installed apps running the latest versions. Furthermore, users should proactively check for pending operating system (OS) updates, with the process for doing so slightly varying across different Android devices. Typically, navigating to 'Settings' and conducting a search for 'Android updates' suffices.
Although these vulnerabilities primarily concern system-related flaws, it's generally advisable for users to exclusively employ apps developed by trusted sources. Strict avoidance of app downloads from third-party online stores is recommended.
ALSO READ: Donald Mustard, creator of Fortnite, announces retirement from Epic Games
It's worth noting that CERT-In had previously issued a similar warning in August 2023. At that time, the Android vulnerabilities impacted users of Android 13-powered devices in India. These issues stemmed from flaws in various components, including the Framework, Android Runtime, System Component, Google Play system updates, Kernel, Arm components, MediaTek components, and Qualcomm closed-source components.
ALSO READ: Google introduces AI-driven 'Proofread' feature in Gboard Keyboard