Google has released fixes for three critical-severity vulnerabilities in the Media framework of its Android operating system, which if exploited could allow a remote attacker to execute code. The remote code execution (RCE) flaws are part of Google’s October 2019 Android Security Bulletin, which deployed fixes for high and critical-severity vulnerabilities tied to nine CVEs overall.
Read full article on Threat Post