Google kicked off its first Android Security Bulletin of 2020 patching a critical flaw in its Android operating system, which if exploited could allow a remote attacker to execute code. Compared to last year’s monthly tally, the number of CVEs patched this month were relatively few.
The remote-code-execution (RCE) flaw was one of several critical- and high-severity vulnerabilities that made up seven CVEs tracked overall this month. Qualcomm, whose chips are used in Android devices, also patched a mix of 29 high and medium-severity vulnerabilities as part of the January bulletin.