{"id":1615956,"date":"2025-04-08T03:50:09","date_gmt":"2025-04-08T05:50:09","guid":{"rendered":"https:\/\/teknomers.com\/fr\/google-publie-une-mise-a-jour-android-pour-corriger-deux-vulnerabilites-activement-exploitees\/"},"modified":"2025-04-08T03:50:13","modified_gmt":"2025-04-08T05:50:13","slug":"google-publie-une-mise-a-jour-android-pour-corriger-deux-vulnerabilites-activement-exploitees","status":"publish","type":"post","link":"https:\/\/teknomers.com\/fr\/google-publie-une-mise-a-jour-android-pour-corriger-deux-vulnerabilites-activement-exploitees\/","title":{"rendered":"Google publie une mise \u00e0 jour Android pour corriger deux vuln\u00e9rabilit\u00e9s activement exploit\u00e9es"},"content":{"rendered":"<p> <br \/>\n<\/p>\n<div>\n<p><span class=\"p-author\"><i class=\"icon-font icon-calendar\">\ue802<\/i><span class=\"author\">08 avril 2025<\/span><i class=\"icon-font icon-user\">\ue804<\/i><span class=\"author\">Ravie Lakshmanan<\/span><\/span><span class=\"p-tags\">S\u00e9curit\u00e9 mobile \/ vuln\u00e9rabilit\u00e9<\/span><\/p>\n<\/div>\n<div id=\"articlebody\">\n<div class=\"separator\" style=\"clear: both;\"><a rel=\"nofollow\" href=\"https:\/\/teknomers.com\/fr\/wp-content\/uploads\/2025\/04\/Google-publie-une-mise-a-jour-Android-pour-corriger-deux.jpg\" style=\"clear: left; display: block; float: left;  text-align: center;\"><\/a><\/div>\n<p>Google a <a rel=\"noopener nofollow\" href=\"https:\/\/source.android.com\/docs\/security\/bulletin\/2025-04-01\" target=\"_blank\">patchs exp\u00e9di\u00e9s<\/a> Pour 62 vuln\u00e9rabilit\u00e9s, dont deux il a d\u00e9clar\u00e9 avoir \u00e9t\u00e9 exploit\u00e9e dans la nature.<\/p>\n<p>Les deux vuln\u00e9rabilit\u00e9s de haute s\u00e9v\u00e9rit\u00e9 sont r\u00e9pertori\u00e9es ci-dessous &#8211;<\/p>\n<ul>\n<li><strong><a rel=\"noopener nofollow\" href=\"https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2024-53150\" target=\"_blank\">CVE-2024-53150<\/a><\/strong>  (Score CVSS: 7.8) &#8211; Un d\u00e9faut hors limites dans le sous-composant USB du noyau qui pourrait entra\u00eener une divulgation d&#8217;informations<\/li>\n<li><strong><a rel=\"noopener nofollow\" href=\"https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2024-53197\" target=\"_blank\">CVE-2024-53197<\/a><\/strong>  (Score CVSS: 7.8) &#8211; Un d\u00e9faut d&#8217;escalade du privil\u00e8ge dans le sous-composant USB du noyau<\/li>\n<\/ul>\n<p>&#8220;Le plus grave de ces probl\u00e8mes est une vuln\u00e9rabilit\u00e9 de s\u00e9curit\u00e9 essentielle dans le composant syst\u00e8me qui pourrait conduire \u00e0 une escalade \u00e0 distance de privil\u00e8ges sans aucun privil\u00e8ge d&#8217;ex\u00e9cution suppl\u00e9mentaire&#8221;, a d\u00e9clar\u00e9 Google dans son bulletin de s\u00e9curit\u00e9 mensuel pour avril 2025. &#8220;L&#8217;interaction de l&#8217;utilisateur n&#8217;est pas n\u00e9cessaire pour l&#8217;exploitation.&#8221;<\/p>\n<div class=\"dog_two clear\"><center class=\"cf\"><a rel=\"nofollow noopener sponsored\" href=\"https:\/\/thehackernews.uk\/drata-3\" target=\"_blank\" title=\"Cybersecurity\"><img loading=\"lazy\" decoding=\"async\" class=\"lazyload\" alt=\"Cybers\u00e9curit\u00e9\" src=\"https:\/\/teknomers.com\/fr\/wp-content\/uploads\/2025\/04\/Pres-de-24-000-IPS-Target-Pan-OS-GlobalProtect-dans-la.png\" width=\"727\" height=\"90\"\/><\/a><\/center><\/div>\n<p>Le g\u00e9ant de la technologie a \u00e9galement reconnu que les deux lacunes pourraient avoir subi une &#8220;exploitation limit\u00e9e et cibl\u00e9e&#8221;.<\/p>\n<p>Il convient de noter que CVE-2024-53197 est enracin\u00e9 dans le noyau Linux et a \u00e9t\u00e9 corrig\u00e9 l&#8217;ann\u00e9e derni\u00e8re, aux c\u00f4t\u00e9s de CVE-2024-53104 et CVE-2024-50302. Les trois vuln\u00e9rabilit\u00e9s, par Amnesty International, auraient \u00e9t\u00e9 encha\u00een\u00e9es pour se lancer dans le t\u00e9l\u00e9phone Android d&#8217;un militant des jeunes serbes en d\u00e9cembre 2024.<\/p>\n<p>Alors que le CVE-2024-53104 a \u00e9t\u00e9 abord\u00e9 par Google en f\u00e9vrier 2025, le CVE-2024-50302 a \u00e9t\u00e9 corrig\u00e9 le mois dernier. Avec la derni\u00e8re mise \u00e0 jour, les trois vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 corrig\u00e9es, branchant efficacement le chemin d&#8217;exploit.<\/p>\n<p>Il y a actuellement des d\u00e9tails sur la fa\u00e7on dont le CVE-2024-53150 a \u00e9t\u00e9 exploit\u00e9 dans les attaques du monde r\u00e9el, par qui, et qui peut avoir \u00e9t\u00e9 cibl\u00e9 dans ces attaques. Les utilisateurs des appareils Android sont invit\u00e9s \u00e0 appliquer les mises \u00e0 jour au fur et \u00e0 mesure que les fabricants d&#8217;\u00e9quipements d&#8217;origine Android les publient.<\/p>\n<p><\/p>\n<div class=\"cf note-b\">Vous avez trouv\u00e9 cet article int\u00e9ressant? Suivez-nous <a rel=\"noopener nofollow\" href=\"https:\/\/twitter.com\/thehackersnews\" target=\"_blank\">Gazouillement <i class=\"icon-font icon-twitter\">\uf099<\/i><\/a>  et <a rel=\"noopener nofollow\" href=\"https:\/\/www.linkedin.com\/company\/thehackernews\/\" target=\"_blank\">Liendin<\/a> Pour lire plus de contenu exclusif que nous publions.<\/div>\n<\/div>\n<p><script async src=\"https:\/\/platform.twitter.com\/widgets.js\" charset=\"utf-8\"><\/script><br \/>\n<br \/><br \/>\n<br \/><a href=\"https:\/\/thehackernews.com\/2025\/04\/google-releases-android-update-to-patch.html\" rel=\"nofollow noopener\" target=\"_blank\">ttn-fr-57<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>\ue80208 avril 2025\ue804Ravie LakshmananS\u00e9curit\u00e9 mobile \/ vuln\u00e9rabilit\u00e9 Google a patchs exp\u00e9di\u00e9s Pour 62 vuln\u00e9rabilit\u00e9s, dont deux il a d\u00e9clar\u00e9 avoir \u00e9t\u00e9 exploit\u00e9e dans la nature. Les deux vuln\u00e9rabilit\u00e9s de haute s\u00e9v\u00e9rit\u00e9 sont r\u00e9pertori\u00e9es ci-dessous &#8211; CVE-2024-53150 (Score CVSS: 7.8) &#8211; Un d\u00e9faut hors limites dans le sous-composant USB du noyau qui pourrait entra\u00eener une divulgation [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":1615957,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[6],"tags":[4807,274266,274265,8738,4168,25646,79002,274264,4161,274263,6124,245,4808,7755,3995,274267,2811,4160,185,2212,238617,246491,4172,79016,196,4166,4164,12365],"class_list":["post-1615956","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-technologie","tag-activement","tag-actualites-de-piratage","tag-actualites-des-pirates","tag-android","tag-comment-pirater","tag-corriger","tag-cyber-security-news","tag-cyber-security-news-aujourdhui","tag-cyber-mises-a-jour","tag-cyber-nouvelles","tag-cyberattaques","tag-deux","tag-exploitees","tag-google","tag-jour","tag-malware-ransomware","tag-mise","tag-mises-a-jour-de-la-cybersecurite","tag-pour","tag-publie","tag-securite-de-linformation","tag-securite-du-reseau","tag-securite-informatique","tag-the-hacker-news","tag-une","tag-violation-de-donnees","tag-vulnerabilite-logicielle","tag-vulnerabilites"],"_links":{"self":[{"href":"https:\/\/teknomers.com\/fr\/wp-json\/wp\/v2\/posts\/1615956","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/teknomers.com\/fr\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/teknomers.com\/fr\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/teknomers.com\/fr\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/teknomers.com\/fr\/wp-json\/wp\/v2\/comments?post=1615956"}],"version-history":[{"count":0,"href":"https:\/\/teknomers.com\/fr\/wp-json\/wp\/v2\/posts\/1615956\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/teknomers.com\/fr\/wp-json\/wp\/v2\/media\/1615957"}],"wp:attachment":[{"href":"https:\/\/teknomers.com\/fr\/wp-json\/wp\/v2\/media?parent=1615956"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/teknomers.com\/fr\/wp-json\/wp\/v2\/categories?post=1615956"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/teknomers.com\/fr\/wp-json\/wp\/v2\/tags?post=1615956"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}