The update for Google Pixel smartphones released earlier this month received a large number of security fixes. Among them was the zero-day vulnerability CVE-2024-32896. Google labeled it as «high risk» and warned users that this vulnerability could be exploited by attackers to attack the device.
The company urged users to install the update to protect themselves from the vulnerability, which contained an escalation of privilege bug that opened up opportunities for attacks. Now, the US government has joined Google’s calls with heavy artillery. In fact, the government gave Google Pixel users two options: either update their phones within 10 days or stop using the device.
According to Forbes, the government has ordered federal employees to choose one of two options: stop using their Pixel devices or update their phones by July 4. So, users have 10 days to comply. Even if the warning applies to government agencies, companies can also comply with this order, and individuals who connect to the companies’ internet should also install security updates to protect themselves from any potential harm.
GrapheneOS noted that the problem was reported back in April, and it is another part of another security issue, the CVE-2024-29748 vulnerability. Despite the creation of patches, they were actively used by forensic companies.
In addition, the company expressed concern that the problem is not limited to Pixel devices, saying that it will also spread to other Android devices and will be resolved when they are updated to Android 15.
Source: wccftech