Android 15: Google Addresses Key Security Vulnerabilities Ahead of Major Update

Google's October Security Bulletin addresses vulnerabilities across Android versions 12 to 15, with significant updates introduced for devices as the rollout of Android 15 approaches.

Google Tackles Security Vulnerabilities in Android 15

Google has addressed several vulnerabilities in its mobile operating system with the release of the October 2024 Security Bulletin. This review includes security patches for Android versions 12 through 15, with a total of 26 vulnerabilities documented and resolved.

Android Security Bulletin

In this bulletin, issued on the first Monday of the month, Google provides insights into security issues that developers have patched in the open-source framework. This includes implementations for Android 15, notably codenamed “Vanilla Ice Cream,” along with kernel security patches and bug fixes from chip manufacturers.

An Overview of Patch Levels

As is customary, the security vulnerabilities are categorized into two patch levels. The first patch level, 2024-10-01, contains the fixed AOSP vulnerabilities (Android Open Source Project), while the second level, 2024-10-05, summarizes patches related to the Linux kernel and various vendor chipsets. It’s critical to note that not all Android devices may be affected, as manufacturers use different hardware components, making it important for Google to ensure individual vendors implement the appropriate patches.

Today is Amazon Prime Big Deal Day! Our editorial team lists the best technology deals here.

Patch Level 2024-10-01: A Focus on High-Risk Vulnerabilities

For the 2024-10-01 patch level, the Security Bulletin lists just seven vulnerabilities that have been resolved. Google classifies each as high risk, meaning many could allow attackers to gain elevated local privileges (EoP). All versions of Android, from 12 to 15, are considered potentially vulnerable to these threats.

To keep your devices secure, check out our latest reviews of protective apps for Android and the best antivirus programs of 2024 tested: Protecting your Windows PC.

The second patch level, 2024-10-05, addresses 19 vulnerabilities associated with chip manufacturers such as Imagination Technologies (PowerVR-GPU), Mediatek, and Qualcomm. All of these vulnerabilities have also been rated as high risk, underscoring the need for vigilance from both Google and device manufacturers.

To date, Google’s Pixel Devices have yet to receive a dedicated update bulletin for October. This delay often occurs when a feature drop is imminent. As new capabilities or functionalities are deployed, certain models like the Pixel 6 and newer may bypass typical security updates for Android 14 in favor of a full system upgrade to Android 15, slated for release on October 15.

Android 15 Logo

The trend in the smartphone and tablet market shows an increase in manufacturers providing routine security updates. However, many brands still lag significantly, only offering updates for premium models. While Samsung is known for prompt updates, other companies can take weeks or even longer to respond.

Update Information by Manufacturer:

Fairphone
Gigaset
Google (Pixel Devices)
Huawei
Lenovo (Smartphones, Tablets)
LG
Motorola (Lenovo)
Nokia (HMD Global)
OnePlus
Oppo
Samsung
Sony
Vivo

As we move forward, it’s essential to remain aware of the evolving landscape of device security. Knowing the security protocols amongst manufacturers can help users stay ahead of potential risks and ensure their data remains protected.