The latest security maintenance release for July 2019 includes all of the fixes that Google has made to vulnerabilities that were discovered in the Android OS. It includes patches for 10 critical and over a dozen high-risk vulnerabilities.
The most critical security vulnerability was found in the Media framework. It could enable an attacker to use a special file to run code in the context of a privileged process to compromise the device. Google says that it has received no reports of these issues being exploited against users.
In addition to the Google patches, this update also brings patches for 13 Samsung Vulnerabilities and Exposures (SVE) items. They’re the vulnerabilities that were found in Samsung’s own software. One of which allowed the Gallery to leak contents in Private Mode even when Private Mode was disabled. A vulnerability in the Quick Panel which allowed for Bluetooth to be enabled and disabled without authentication in the lock screen state has been addressed as well.
Samsung is now going to begin the process of sending out the update to compatible devices. It may be a few days after the first July 2019 security patch rolls out for a Galaxy device. We’ll be sure to let you know when that happens.