The Google developer team is not only engaged in continuous work of improving Android but also in a constant search for possible vulnerabilities, in order to quickly find solutions that can guarantee users the highest possible level of security.
And so there is not much to be expected to discover that Google recently fixed a critical security flaw in Android 12 that could have allowed malicious people to have access to the device without any user interaction.
Various news for Android 12 in the February security bulletin
According to what is learned from the security bulletin of February 2022, Google defines the CVE-2021-39675 vulnerability as a “critical security vulnerability in the system component that could lead to a remote escalation of privileges”.
The Mountain View giant didn’t disclose much more information about the vulnerability in question, although it did reference a source-level change in Android’s wireless NFC code that introduces additional control. The Google team probably doesn’t want to go into too much detail right now, as we’re still in the process of implementing February’s security patches.
In addition to CVE-2021-39675, there are five other high severity vulnerabilities fixed by Google in the System component and related to Android 12, Android 11 and Android 10.
There are also five high-severity issues in the Android Framework component, which can be exploited by malicious apps to gain high-level privileges, reportedly.
Finally, there are four bugs fixed only for Google Pixel devices: two of high severity concern the camera and the battery and two of moderate level concern the Qualcomm kernel code.
Obviously, the smartphones of the Google Pixel series are the first to receive the February security patches, while for the devices of the other brands it will be necessary to wait for the release of the update by the respective manufacturers.