There is always an exploit ready. In fact, many phones and software systems are designed with the flaws so that the Deep State can take advantage of it all. But when others discover them, security patches are then needed.
Google’s Pixel update this month came with a significant and concerning security alert. Among the numerous updates and Android’s quarterly feature drop, a high-severity firmware vulnerability, identified as CVE-2024-32896, was highlighted. Google has warned that this zero-day vulnerability “may be under limited, targeted exploitation.”
The U.S. government, recognizing the potential threat, has mandated that all federal employees update their Pixel devices by July 4, or cease using them. This urgent directive from the Cybersecurity and Infrastructure Security Agency (CISA) emphasizes the importance of updating devices to protect against this vulnerability. Enterprises and personal users should also heed this warning, particularly if their devices are connected to any organizational systems.
Google has issued an urgent update for Pixel devices due to a severe vulnerability (CVE-2024-32896). The U.S. government mandates federal employees update by July 4. This zero-day vulnerability is actively exploited, so all Pixel users should update immediately. pic.twitter.com/T0QTx2XkWM
— Zoomblings (@techKwabs) June 24, 2024
The CISA’s Known Exploited Vulnerabilities (KEV) catalog describes the issue simply as an “unspecified vulnerability in the firmware that allows for privilege escalation.” While Google has not provided extensive details, GrapheneOS, an organization focused on privacy and security, has offered some insights. According to them, this vulnerability is the second part of a fix for issues reported in April that are being actively exploited by forensic companies.
The troubling aspect is that this vulnerability is not confined to Pixel devices alone. GrapheneOS mentions that while the issue has been addressed in Pixel devices with the June update (Android 14 QPR3), other Android devices may remain vulnerable until they update to Android 15. If these devices do not receive the Android 15 update, they might not get the necessary fix, as it has not been backported to earlier versions.
If you have a Pixel phone, update it now. Google just fixed more than 50 flaws that could put your data at risk. Tell your employees to do the same. If you need help securing your devices, get in touch#Google #PixelPhone #update https://t.co/MqCFHZnhTo
— Nye Technology Solutions (@NyeTechnology) June 24, 2024
GrapheneOS describes the vulnerabilities as relating to memory not being wiped when booting into firmware-based fastboot mode, which could allow exploitation of previous OS memory, and issues with the AOSP device admin API relying on reboot-to-recovery to wipe before Android 14 QPR3. These vulnerabilities, they warn, are currently not being addressed outside of Pixel devices.
The urgency of this issue is underscored by other recent security concerns in the Android ecosystem. A report highlighted the dangers of Play Store freeware, and Zscaler identified over 90 malicious applications with more than 5.5 million installs on the Play Store. Additionally, Check Point’s cyber team recently detected an Android trojan, Rafel, which has been used in at least 120 malicious campaigns. This trojan can infect a wide range of Android versions, from the oldest unsupported ones to the most recent.
Government workers are being told to immediately update their Pixel phones to patch a serious exploit https://t.co/h0vSQaAWLS
— Dave Schroeder 🇺🇸 (@daveschroeder) June 24, 2024
Given this alarming backdrop, it’s crucial that all Pixel owners update their devices promptly before the July 4 deadline. The update should download automatically, but a manual check and reboot may be necessary to ensure it fully installs. This action is vital to safeguard against potential exploitation of the vulnerability and maintain device security.
Instructions for checking and updating your Pixel device can be found on Google’s support pages. Users of other Android devices should stay vigilant and watch for updates, as their devices may also be at risk until they receive the necessary fixes.
Key Points:
i. Google has identified a high-severity firmware vulnerability (CVE-2024-32896) in Pixel devices, potentially under limited, targeted exploitation.
ii. The U.S. government, through CISA, has mandated federal employees update their Pixel devices by July 4 to mitigate the risk.
iii. The vulnerability, discovered by GrapheneOS, relates to memory not being wiped in firmware-based fastboot mode, posing a significant security risk.
iv. The issue has been fixed in Pixel devices with the June update (Android 14 QPR3), but other Android devices may remain vulnerable until they update to Android 15.
v. Recent security threats in the Android ecosystem, including malicious apps on the Play Store and the Rafel trojan, highlight the importance of promptly updating devices to maintain
Fallon Jacobson – Reprinted with permission of Whatfinger News
