Microsegmentation and Isolation: 2 Essential Strategies in Zero-Trust Security
Lawsuit Claims Google Collects Minors’ Locations, Browsing History
Google Ditches Patch-Time Bug Disclosure in Favor of 90-Day Policy
Google Updates Ad Policies to Counter Influence Campaigns, Extortion
Lifeline Assistance Phone Users Targeted with 'Uninstallable' Adware
Unpatched Bugs in Oracle iPlanet Open Door to Info-Disclosure, Injection
In multiple settings screens, there are possible tapjacking attacks due to an insecure default value. This could lead to local escalation of privilege and permissions with no additional execution privileges needed. User interaction is needed for exploitation.
In onCreate of ConfirmConnectActivity.java, there is a possible leak of Bluetooth information due to a permissions bypass. This could lead to local escalation of privilege of a pairing Bluetooth MAC address with no additional execution privileges needed. User interaction is needed for exploitation.
Android Security Bulletin—October 2020