Number: AV16-182
Date: 8 November 2016
Purpose
The purpose of this advisory is to bring attention to the Android Security Bulletin for November.
Assessment
The Android Security Bulletin addresses security updates for 48 vulnerabilities (15 Critical, 23 High, and 10 Moderate). The 15 vulnerabilities tagged as critical have the possibility of remote code execution and/or privilege escalation.
CVE References: CVE-2012-6702, CVE-2014-9675, CVE-2014-9908, CVE-2015-0410, CVE-2015-1283, CVE-2015-8961, CVE-2015-8962, CVE-2015-8963, CVE-2015-8964, CVE-2016-0718, CVE-2016-2184, CVE-2016-3904, CVE-2016-3906, CVE-2016-3907, CVE-2016-5195, CVE-2016-5300, CVE-2016-6136, CVE-2016-6698, CVE-2016-6699, CVE-2016-6700, CVE-2016-6701, CVE-2016-6702, CVE-2016-6703, CVE-2016-6704, CVE-2016-6705, CVE-2016-6706, CVE-2016-6707, CVE-2016-6708, CVE-2016-6709, CVE-2016-6710, CVE-2016-6711, CVE-2016-6712, CVE-2016-6713, CVE-2016-6714, CVE-2016-6715, CVE-2016-6716, CVE-2016-6717, CVE-2016-6718, CVE-2016-6719, CVE-2016-6720, CVE-2016-6721, CVE-2016-6722, CVE-2016-6723, CVE-2016-6724, CVE-2016-6725, CVE-2016-6726, CVE-2016-6727, CVE-2016-6728, CVE-2016-6729, CVE-2016-6730, CVE-2016-6731, CVE-2016-6732, CVE-2016-6733, CVE-2016-6734, CVE-2016-6735, CVE-2016-6736, CVE-2016-6737, CVE-2016-6738, CVE-2016-6739, CVE-2016-6740, CVE-2016-6741, CVE-2016-6742, CVE-2016-6743, CVE-2016-6744, CVE-2016-6745, CVE-2016-6746, CVE-2016-6747, CVE-2016-6748, CVE-2016-6749, CVE-2016-6750, CVE-2016-6751, CVE-2016-6752, CVE-2016-6753, CVE-2016-6754, CVE-2016-6828, CVE-2016-7910, CVE-2016-7911, CVE-2016-7912, CVE-2016-7913, CVE-2016-7914, CVE-2016-7915, CVE-2016-7916, CVE-2016-7917
Suggested Action
CCIRC recommends that system administrators look with their respected Android phone vendor and carrier when the update will be available and test and deploy the vendor-released updates to affected applications accordingly.
References:
Android Security Bulletin:
https://source.android.com/security/bulletin/2016-11-01.html