X

Google Pixel vulnerability is worrying even the US government

Pictured: Jean Leon
By Jean Leon
June 24, 2024
Featured image for Google Pixel vulnerability is worrying even the US government

The latest monthly Pixel security update revealed a vulnerability that could be exploited, and that has even worried the US government. Officials were urged to update their phones within a maximum of 10 days or stop using them.

The US government warns federal employees to update their Pixel devices or stop using them

The vulnerability in question is listed as CVE-2024-32896. It could go unnoticed in normal situations, but Google added a note giving it special importance. The note says: “There are indications that CVE-2024-32896 may be under limited, targeted exploitation.” The entry is listed as “High Severity.”

Google has not revealed more specific details about the vulnerability. However, the US government warned all federal employees that “Android Pixel contains an unspecified vulnerability in the firmware that allows for privilege escalation.” The term “privilege escalation” refers to the fact that exploiting the vulnerability potentially allows the capture or access of the data of the attacked person.

It’s noteworthy that the vulnerability that is worrying the U.S. government is a “zero-day exploit.” This means that it was already present for a while but had not been detected by the OS developer or phone manufacturer. Therefore, there was no patch available yet to fix it.

Fix available with the QPR3 update

It’s noteworthy that, for Google Pixel devices, the fix is available with the latest Android 14 QPR3 (June) update. So, it is recommended that all Pixel device users update their devices if they have not already done so. That said, the GrapheneOS team says that the vulnerability could also be present in Android devices from other brands. However, the fix for them will be available with Android 15.

It is very unlikely that your device will be the target of an attack using the CVE-2024-32896 vulnerability. After all, Google is using the term “limited, targeted exploitation,” in the listing. However, it never hurts to keep your mobile device up-to-date in terms of security. You can update your Pixel device by going to Settings > System > Software Updates.