Como sucede cada mes Google ha liberado la OTA de actualización correspondiente al mes de Mayo 2016 en donde parcha 25 vulnerabilidades de seguridad que afectan a sus dispositivos.
Junto con la OTA podemos encontrar un boletín que indica qué fallos de seguridad han sido arreglados en donde la más grave vulnerabilidad permite ejecución de código remoto a través de múltiples métodos como correos, navegación web y MMS.
En la siguiente tabla podemos observar las seis vulnerabilidades de gravedad critica, 12 altas, seis moderadas y una menor que se han arreglado y porqué afectaban la seguridad de Android.
Issue | CVE | Severity | Affects Nexus? |
---|---|---|---|
Remote Code Execution Vulnerability in Mediaserver | CVE-2016-2428 CVE-2016-2429 |
Critical | Yes |
Elevation of Privilege Vulnerability in Debuggerd | CVE-2016-2430 | Critical | Yes |
Elevation of Privilege Vulnerability in Qualcomm TrustZone | CVE-2016-2431 CVE-2016-2432 |
Critical | Yes |
Elevation of Privilege Vulnerability in Qualcomm Wi-Fi Driver | CVE-2015-0569 CVE-2015-0570 |
Critical | Yes |
Elevation of Privilege Vulnerability in NVIDIA Video Driver | CVE-2016-2434 CVE-2016-2435 CVE-2016-2436 CVE-2016-2437 |
Critical | Yes |
Elevation of Privilege Vulnerability in Kernel | CVE-2015-1805 | Critical | Yes |
Remote Code Execution Vulnerability in Kernel | CVE-2016-2438 | High | Yes |
Information Disclosure Vulnerability in Qualcomm Tethering Controller | CVE-2016-2060 | High | No |
Remote Code Execution in Bluetooth | CVE-2016-2439 | High | Yes |
Elevation of Privilege in Binder | CVE-2016-2440 | High | Yes |
Elevation of Privilege Vulnerability in Qualcomm Buspm Driver | CVE-2016-2441 CVE-2016-2442 |
High | Yes |
Elevation of Privilege Vulnerability in Qualcomm MDP Driver | CVE-2016-2443 | High | Yes |
Elevation of Privilege Vulnerability in Qualcomm Wi-Fi Driver | CVE-2015-0571 | High | Yes |
Elevation of Privilege Vulnerability in NVIDIA Video Driver | CVE-2016-2444 CVE-2016-2445 CVE-2016-2446 |
High | Yes |
Elevation of Privilege in Wi-Fi | CVE-2016-2447 | High | Yes |
Elevation of Privilege Vulnerability in Mediaserver | CVE-2016-2448 CVE-2016-2449 CVE-2016-2450 CVE-2016-2451 CVE-2016-2452 |
High | Yes |
Elevation of Privilege Vulnerability in MediaTek Wi-Fi Driver | CVE-2016-2453 | High | Yes |
Remote Denial of Service Vulnerability in Qualcomm Hardware Codec | CVE-2016-2454 | High | Yes |
Elevation of Privilege in Conscrypt | CVE-2016-2461 CVE-2016-2462 |
Moderate | Yes |
Elevation of Privilege Vulnerability in OpenSSL & BoringSSL | CVE-2016-0705 | Moderate | Yes |
Elevation of Privilege Vulnerability in MediaTek Wi-Fi Driver | CVE-2016-2456 | Moderate | Yes |
Elevation of Privilege in Wi-Fi | CVE-2016-2457 | Moderate | Yes |
Information Disclosure Vulnerability in AOSP Mail | CVE-2016-2458 | Moderate | Yes |
Information Disclosure Vulnerability in Mediaserver | CVE-2016-2459 CVE-2016-2460 |
Moderate | Yes |
Denial of Service Vulnerability in Kernel | CVE-2016-0774 | Low | Yes |
Si tienes un dispositivo Nexus entonces puedes esperar la OTA o puedes descargar e instalar manualmente la ROM. Las compilaciones son las siguientes:
- Pixel C (MXC89F)
- Nexus 6P (MTC19T)
- Nexus 5X (MCT19T)
- Nexus 6 (MMB30G y MOB30I)
- Nexus Player (MOB30G)
- Nexus 9 (LTE MOB30G)/WiFi MOB30G
- Nexus 5 (MOB30H)
- Nexus 7 (2013) (WiFi MOB30J)/LTE MOB30J
Ver todos los comentarios en https://www.xataka.com.mx
VER 0 Comentario