With the Google Pixel update this month, many salient features and updates came out for Android, including the quarterly feature CVE-2024-32896 rolling out. The firmware had a major issue of high-severity vulnerability, and Google cautioned users that this weakness could be exploited by bad actors. Users were still coming around the potential threat to their phones when they were presented with another blow of one of the vulnerabilities under attack. While the Pixel Update Bulletin listed the zero-day exploit as High Severity, the U.S. government has decided to intervene and take that matter into its own hands.
Even though Google was unaware of the security vulnerability and could not resolve the issue with a security patch when it first got to know, the zero-day exploit has led to an air of nervousness, especially with the U.S. government stepping in and issuing a strict order regarding the security update.
As reported by Forbes, the government has ordered federal employees to go with either of the two options: discontinue the use of their Pixel devices or update the phone by July 4th. This gives users 10 days to act upon the order. Even if the warning is for government agencies, companies might be following the order, and individuals that connect to the internet of companies should also be going ahead with the security update to safeguard against any potential harm.
Cybersecurity and Infrastructure Security Agency (CISA), in its known Exploited Vulnerabilities KEV listings, laid out the potential security risk in the firmware and warned Pixel users of the flaw. This vulnerability gave attackers a window to access the phone using malicious apps so they could access private information.
GrapheneOS mentioned that the
Read more on wccftech.com