The Computer Emergency Response Team (CERT-In) under the Ministry of Electronics and Information Technology has issued a critical warning for older Android devices, specifically Android versions 13 and older. On its official website, CERT has highlighted multiple vulnerabilities in the Android operating system that could pose significant risks to users.
CERT has labeled the vulnerabilities found in the Android OS as ‘CRITICAL,’ indicating the potential for severe repercussions if they are exploited. The government further warns that if these vulnerabilities are exploited, they will open the door for attackers to carry out a range of malicious actions, including executing their own code on the device, gaining elevated privileges, accessing sensitive user information, and even causing a denial of service (DoS) situation where the device becomes inoperable. In simple terms, these security flaws can allow hackers to take control of your Android device, steal your data, or render it unusable.
Affected Android devices
According to CERT, the vulnerabilities that have been highlighted primarily affect Android devices running older versions of the operating system, specifically Android versions 11, 12, 12L, and 13.
What’s concerning is that these vulnerabilities are not confined to a single component; instead, they are found in various parts of the Android system. This includes critical components like the Framework, System, Google Play system updates, as well as components associated with different hardware manufacturers, such as Arm, MediaTek, Unisoc, Qualcomm, and even Qualcomm’s closed-source components.
Luckily, Google has already released the update for Android OS which addresses the issues. Therefore, users are asked to promptly update their devices and take necessary security measures to safeguard their devices and phone.
How to protect your smartphone
Here are some security tips users are required to follow in order to safeguard their device from vulnerabilities and other future malicious attacks.
Apply Security Patches Urgently: The government warning specifically mentions that certain vulnerabilities may already be under active exploitation. Therefore, the most immediate and effective step to protect your device is to apply security patches by updating the OS. These patches are designed to address the identified vulnerabilities and enhance the security of your device.
Keep Your Android OS Updated: Regularly updating your Android operating system is crucial. It ensures that you have the latest security features and improvements that can help defend your device against known vulnerabilities.
Be Cautious with App Downloads: Exercise caution when downloading and installing apps, especially from unofficial sources. Avoid third party apps, and stick to trusted app stores like the Google Play Store. Additionally, be mindful of the permissions you grant to apps.
Review App Permissions: Periodically review the permissions granted to apps on your device. Revoke permissions that seem excessive or unnecessary for the app’s functionality.
Backup Your Data: Regularly backup your data to an external source or cloud storage. This can ensure that your valuable information is safe in case of any unexpected incidents.