Why This Matters
This isn’t a typical security patch, but one that includes several flaws classified as critical. Update your Android device to the latest version immediately.
The details: The security flaw that’s getting the most attention is known as MediaTek-su by Android developers and CVE-2020-00069 by Google. The bug itself lets attackers gain root access to your Android device without having to unlock the bootloader, reports Sophos’ Naked Security blog.
While MediaTek itself says it patched the vulnerability in May 2019, the Android developer group XDA notes there are millions of Android devices in the wild that haven’t received the fix from the company, and they may never.
Even more: Other serious bugs in the update include ones in the media framework, which handles camera, audio, and video. These allow remote attackers access to your device’s media codecs. Other bugs include vulnerabilities in what’s called “privilege elevation,” which could allow a user that isn’t you higher access in the operating system than they should be allowed.
The Bottom Line: If we’ve said it once, we’ve said it a thousand times: keep your devices updated with the latest updates. That includes iOS, Android, Windows, macOS, Linux, and all of your smart home devices. There’s no reason not to do it.