Google Patches Critical .PNG Image Bug

February 6, 2019

Eleven critical bugs will be patched as part of the February Android Security Bulletin.

Google has patched a critical vulnerability in its current and legacy versions of its Android operating system, which allow an attacker to send a specially crafted Portable Network Graphics (.PNG) image file to a targeted device and execute arbitrary code.

In its February Android Security Bulletin, Google lists three critical Android Framework vulnerabilities (CVE-2019-1986, CVE-2019-1987, CVE-2019-1988), one of which is associated with the .PNG bug. Impacted versions of its Android OS range from Nougat (7.0) to its current Pie (9.0).

Read More on Threat Post