Google Detects New Android Security Flaw That Affects Pixel & Samsung Phones
Jyotis - Oct 07, 2019
The good news is that despite being tagged as “critical”, this security flaw didn’t appear as hazardous as many other zero-day flaws.
- Google To Ban Some Loan Apps From Its Play Store
- Google Street View Caught On Camera Couple’s Racy Scene
- Google Chrome Launches AI-based Feature To Describe Images For Low-Vision Users
Researchers under the Project Zero of Google have recently detected a security flaw in the Android platform that can affect smartphones from many different brands. They reveal that the Israeli tech company NSO Group exploited this ‘zero-day’ vulnerability in the real-life. They refer to it as the Pegasus interception software.
The victims of this security flaw included smartphones running Android 8.x and the higher versions of Android. However, many may be surprised that this bug, in fact, was fixed in the previous versions of Android including 3.18, 4.4, and 4.9, and now, it has come back.
Google researchers point out the vulnerability on Android OS has affected many famous smartphones such as LG Oreo, Oppo A3, Moto Z3, Xiaomi Redmi 5A, Xiaomi Redmi Note 5, Xiaomi Mi A1, Samsung S8, Samsung S7, Samsung 9, Huawei P20, and even Pixel 2 from Google itself. All of these smartphones are running Android 9 or Android 10.
The good news is that despite being tagged as “critical”, this vulnerability didn’t appear as hazardous as many other zero-day flaws.
Explaining on Android’s official forum, a spokesperson said, “This issue is rated as High severity on Android and by itself requires installation of a malicious application for potential exploitation. Any other vectors, such as via web browser, require chaining with an additional exploit.”
The spokesperson also added, “We have notified Android partners and the patch is available on the Android Common Kernel. Pixel 3 and 3a devices are not vulnerable while Pixel 1 and 2 devices will be receiving updates for this issue as part of the October update.”