Get all your news in one place.
100’s of premium titles.
One app.
Start reading
Top News
Top News

Google Confirms Serious Zero-Day Threat For Android Devices

Google CEO Sundar Pichai attends AI forum in Washington

Google has recently confirmed a serious new zero-day threat for Android devices, specifically targeting a vulnerability in the Android kernel. This vulnerability, identified as CVE-2024-36971, could potentially lead to remote code execution with System execution privileges required. The fix for this issue is included in Android's August security update.

While Google is expected to promptly patch its own Pixel devices, Samsung Galaxy users may have to wait for the update to be rolled out to their devices. Samsung released details of its August security firmware update around the same time as Google's warning, but it does not include the fix for the newly identified threat. However, the update does address critical fixes, including the resolution for a previous zero-day vulnerability from June.

Google has announced that source code patches for the new threat will be released to the Android Open Source Project (AOSP) repository within the next 48 hours. This indicates that Galaxy users may have to wait until September, unless Samsung accelerates its update process.

Device updates from Samsung typically occur gradually, with flagships and newer models receiving updates sooner than older devices. The collaboration between Google and Samsung is crucial in ensuring that Galaxy users receive timely security patches.

While specific details about the zero-day threat are not yet available, the involvement of Google TAG's Clement Lecigne suggests that it could be a sophisticated exploit, possibly at an APT or state-level.

Given the security implications and the need for swift action, it is essential for Samsung to prioritize the release of the fix to ensure the protection of its users. The potential impact on Galaxy users, as well as the comparison with Apple's iPhone security standards, highlights the importance of timely updates in the Android ecosystem.

As the situation unfolds, it will be interesting to see how government agencies like CISA respond to the threat and whether any advisories are issued. Galaxy users are advised to stay informed and watch for updates as the situation progresses.

Sign up to read this article
Read news from 100’s of titles, curated specifically for you.
Already a member? Sign in here
Related Stories
Top stories on inkl right now
Our Picks
Fourteen days free
Download the app
One app. One membership.
100+ trusted global sources.