Security News > 2024 > June > Google patches exploited Android zero-day on Pixel devices
![Google patches exploited Android zero-day on Pixel devices](/static/build/img/news/google-patches-exploited-android-zero-day-on-pixel-devices-medium.jpg)
Google added a new CVE ID to track the Pixel fix for CVE-2024-29748, a vulnerability exploited by several forensics companies, as BleepingComputer reported in April.
"It's fixed on Pixels with the June update and will be fixed on other Android devices when they eventually update to Android 15. If they don't update to Android 15, they probably won't get the fix, since it has not been backported. Not all patches are backported."
Google has released patches for 50 security vulnerabilities impacting its Pixel devices and warned that one of them had already been exploited in targeted attacks as a zero-day.
"All supported Google devices will receive an update to the 2024-06-05 patch level. We encourage all customers to accept these updates to their devices."
While Pixel devices also run Android, they receive separate security and bug fix updates from the standard monthly patches distributed to all Android OEMs because of their exclusive features and capabilities and the unique hardware platform directly controlled by Google.
In April, Google fixed two other Pixel zero-days exploited by forensic firms to unlock phones without a PIN and access the data.
News URL
Related news
- Google warns of actively exploited Pixel firmware zero-day (source)
- Google Warns of Pixel Firmware Security Flaw Exploited as Zero-Day (source)
- Bug hunters can get up to $450,000 for an RCE in Google’s Android apps (source)
- Google fixes fifth Chrome zero-day exploited in attacks this year (source)
- Google fixes Chrome zero-day with in-the-wild exploit (CVE-2024-4671) (source)
- Malicious Android Apps Pose as Google, Instagram, WhatsApp, to Steal Credentials (source)
- Google Chrome emergency update fixes 6th zero-day exploited in 2024 (source)
- Apple and Google add alerts for unknown Bluetooth trackers to iOS, Android (source)
- Google Launches AI-Powered Theft and Data Protection Features for Android Devices (source)
- Android 15, Google Play get new anti-malware and anti-fraud features (source)
Related Vulnerability
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2024-04-05 | CVE-2024-29748 | Unspecified vulnerability in Google Android there is a possible way to bypass due to a logic error in the code. | 7.8 |