This week Samsung started releasing some security updates on Android mobile devices to fix some critical security vulnerabilities in the operating system and related components.
This comes after Android released the December 2020 security newsletter, which includes patches for critical vulnerabilities affecting the latest devices.
As noted by BleepingComputer, Samsung Galaxy devices will be automatically updated with the updates released on December 7, 2020.
These updates mainly include important security fixes with possible stability improvements device.
Any vulnerabilities encountered by this update have a "High" or "Critical" severity rating, making this update necessary for Android users so that their devices remain protected.
RCE, Privilege Scaling and Denial of Service (DoS)
The vulnerability could allow an attacker to execute remote code execution (RCE) attacks using a specially created file as part of a privileged process.
Other defects that affect components such as the Framework and the System could allow the disclosure of sensitive information and bypass user interaction, ie a malicious application can gain additional permissions on the vulnerable device without approval of user.
In the following screenshot see the list of vulnerabilities that have been fixed by this update:
Some bugs may still be exploitable
On selected Samsung Galaxy devices, the updates launched this week have the most recent "security patch" at "2020-12-01."
A complete description improvements and optimizations offered by this update is provided on the Samsung website.