Subj : Google rolls out huge security update to Pixel phones, squashing
To   : All
From : TechnologyDaily
Date : Sat Jun 15 2024 04:15:05

Google rolls out huge security update to Pixel phones, squashing 50 
vulnerabilities

Date:
Sat, 15 Jun 2024 03:00:20 +0000

Description:
The patch addresses a bug that could've given bad actors to your phone, 
however it continues to exist on other Androids.

FULL STORY
======================================================================

June 2024 has been a big month for Pixel smartphones. Not only did Gemini 
Nano roll out to the Pixel 8a , but Google also released a huge security 
update to multiple models. 

It addresses 50 vulnerabilities, ranging in severity from moderate to 
critical. One of the more insidious flaws is CVE-2024-32896, which Toms Guide 
states is an elevation of privilege (EoP) vulnerability. 

An EoP refers to a bug or design flaw that a bad actor can exploit to gain 
unfettered access to a smartphones resources. Its a level of access that not 
even a Pixel owner normally has. Even though its not as severe as the others, 
CVE-2024-32896 did warrant an extra warning from Google on the patchs Pixel 
Update Bulletin page , stating it may be under limited, targeted 
exploitation. 

In other words, it's likely bad actors are going to be targeting the flaw to 
infiltrate a Pixel phone, so its important that you install the patch. 
Installing the fix 

The rest of the patch affects other important components on the devices, such 
as the Pixel Firmware fingerprint sensor. It even fixes a handful of Qualcomm 
and Qualcomm closed-source components. 

Googles patch is ready to download for all supporting Pixel phones, and you 
can find the full list of models on the tech giants Help website here . They 
include but are not limited to the Pixel Fold , Pixel 7 series, and the Pixel 
8 line. 

To download the update, go to the Settings menu on your Pixel phone. Go to 
Security & Privacy, then to System & Updates. Scroll down to the Security 
Update and hit Install. Give your device enough time to install the patch and 
then restart your smartphone. Existing on Android 

Its important to mention that the EoP vulnerability seems to exist on 
third-party Android hardware; however, a fix wont come out for a while. As 
news site Bleeping Computer explains, the operating systems for Pixel and 
Android smartphones receive security updates at different times. The reason 
for this separate rollout is that third-party devices have their own 
exclusive features and capabilities. One comes out faster than the other. 

Developers for GrapheneOS, a unique version of Android that is more focused 
on security, initially found the flaw in April. In a recent post on X (the 
platform formerly known as Twitter), the team believes non-Pixel phones 
probably wont receive the patch until the launch of Android 15. If you dont 
get the new operating system, the EoP bug probably won't get removed. The 
GrapheneOS devs claim the June update has not been backported. 

Be sure to check out TechRadars list of the best Android antivirus apps for 
2024 if you want even more protection. You might also like Android phones can 
now edit text messages, just like the iPhone Android 15 could give your phone 
a 3-hour battery boost Fresh Google Pixel 9 leak hints at a modest 
performance boost over the Pixel 8



======================================================================
Link to news story:
https://www.techradar.com/computing/software/google-rolls-out-huge-security-up
date-to-pixel-phones-squashing-50-vulnerabilities


--- Mystic BBS v1.12 A47 (Linux/64)
 * Origin: tqwNet Technology News (1337:1/100)

.