You Need To Install The October 2019 Android Security Update ASAP

Dhir Acharya - Oct 08, 2019

Besides Google, Samsung, Huawei, etc., are releasing versions of the Oct 2019 security update to patch a major zero-day exploit on many Android smartphones.

Normally, Android security fixes that Google rolls out every month are for Google devices only; however, Samsung, Huawei, Xiaomi, Oppo, LG, and Motorola are releasing versions of the Oct 2019 security update of their own to patch a major zero-day exploit on many Android smartphones. If your phone is vulnerable to this exploit, make sure you have downloaded the patch right when it’s available, which is a few days from now.

october-2019-android-security-update-1 — Google will roll out the patch today

The bug, which appears in the CVE-2019-2215 security patch, lets hackers remotely root then take full control of your device by requiring the targeted user to install an infected app, or they can use the exploit linked with a Chrome-based loophole for deploying the attack. Below is the list of the phones exposed to this exploit though cautions from the Project Zero team say that other smartphones could be vulnerable too.

Google Pixel, Google Pixel XL, Google Pixel 2, Google Pixel 2 XL
Samsung Galaxy S7, Galaxy S8, Galaxy S9
Huawei P20
Oppo A3
Motorola Moto Z3
Xiaomi A1, Redmit Note 5, Redmi 5A
LG models that run on Android Oreo

The rollout of the Oct 2019 security patch will begin today while other makers will release their own versions in the next few days. So keep yourself updated and you can check for the patch by visiting the Setting app on your phone then search for “System Update.”

october-2019-android-security-update-2 — Google Pixel 2 XL is affected by the exploit

According to Project Zero, the bug was exploited successfully, which makes people question who’s behind it as well as the reason they use it. The exploit is said to have been created by NSO – an Israeli online security company, but it denies the claim that itself or any of its clients, most of which are national security organizations and government groups, are using the exploit on purpose.

Average Android users are not likely to be targeted by anyone behind the bug, but the impact is so severe that you should download and install this security update as soon as it rolls out to your device. And if your phone belongs to the list above, pay extra attention. You need to think carefully before installing apps from unknown sources, make sure your phone has a good anti-virus app, and be smart about your own browsing. You can turn to other mobile browsers other than Chrome too.