Recently, tech giant Google has released a security update, successfully addressing 50 security vulnerabilities in its Pixel devices.
Of particular note is Google’s emphasis on a security vulnerability tracked as CVE-2024-32896, which they have pointed out could allow threat actors to illegitimately escalate privileges. Security experts have already discovered evidence of this vulnerability being exploited in the wild.
Google has repeatedly stressed that there are indications that the CVE-2024-32896 security vulnerability may have been used in limited targeted attack activities. Therefore, Google is urging all Pixel users to immediately install the security update on their devices to mitigate security risks to the maximum extent and safeguard the security of their devices.
The security update released by Google this time also addresses 44 other security vulnerabilities directly impacting Pixel devices, including 7 privilege escalation vulnerabilities. Once exploited by threat actors, these vulnerabilities could potentially trigger larger security crises.
For more information on the June updates for Pixel devices, please refer to Google’s Smartphone Security Advisory. To apply the update, Pixel users need to go to “Settings” > “Security & privacy” > “System & updates” > “Security update,” click “Install,” and then restart the device to complete the update process.
In April 2024, Google also addressed two additional 0day vulnerabilities in Pixel devices, which forensic companies used to unlock phones without a PIN code or access to data. The CVE-2024-29745 security vulnerability was marked as a high-risk vulnerability related to information leakage in the Pixel bootloader, while CVE-2024-29748 was marked as a privilege escalation vulnerability in Pixel firmware.
(Source: https://www.securitylab.ru/news/549172.php)