Google has just announced some important updates regarding the security of its Pixel smartphones. According to the news, there are couple of vulnerabilities that some forensic companies have been taking advantage of, but there is no need to be worried as Google is working on it.
Let’s break it down into simpler terms:
CVE-2024-29745: There is a loophole in the bootloader (that’s the part of your phone that starts up everything else) that’s been leaking some information it shouldn’t be.
CVE-2024-29748: Another glitch, this time in the firmware (basically the software that tells your phone’s hardware what to do). This one’s been giving certain folks more power over the phone than they should have.
Google issued a statement on April 2, 2024, letting us know that these issues have been noticed and that they might have been taken advantage of in a few specific cases. But hey, they’re on top of it!
Now, you might be wondering, how exactly are these vulnerabilities being exploited? Well, according to GrapheneOS, a team that keeps an eye on these things, some forensic companies have been rebooting devices into a mode called “fastboot” (which is used for making quick changes to the phone’s software) and poking around where they shouldn’t be. Sneaky, right?
But Google is aware of all this and they’re working to fix it. They’ve even been urged to make it harder for these companies to exploit these kinds of flaws in the future.
This announcement comes after GrapheneOS previously raised concerns about similar vulnerabilities affecting Google Pixel and Samsung Galaxy phones. These sneaky flaws were being used by some forensic companies to snoop on users’ data when their phones were supposed to be resting.
Google is working seriously to get hold of these flaws and get an update as soon as possible. They’re keeping an eye on things and working to make sure your phone stays as secure as possible.
So what’s next? Well, keep an eye out for any updates Google might push to your phone. And in the meantime, wait for an update as people at Google are hard at work keeping your Pixel safe and sound.
Interesting Article : LayerSlider WordPress Plugin Vulnerability: CVE-2024-2879
Pingback: JSOutProx Malware Strikes Financial Giants in APAC and Mena