Update now! Google patches surveillance vulnerability in Pixel phones
What's the story
Google has released an update for its Pixel smartphones to address a potential security vulnerability. The issue was linked to an inactive software component, "Showcase.apk," that was pre-installed on all Pixel devices. This software, originally developed for Verizon in-store demo units and no longer in use, could have been exploited by hackers if activated.
Security threats
Cybersecurity firm highlights potential risks
Cybersecurity company iVerify identified the potential risks associated with the inactive software. If exploited, it could render phones vulnerable to hackers, paving the way for man-in-the-middle attacks, code injection, and spyware. This revelation led Palantir to implement a company-wide ban on Android devices. However, Google has stated that there is "no evidence of any active exploitation" related to this issue.
Update details
Google's response: A software update
In response to the potential security threat, Google has launched a monthly software update for Pixel devices that removes Showcase.apk entirely. The September patch notes confirm this action, stating that the update includes a fix to "remove third-party APK to address security vulnerability." Apart from this security enhancement, the update also improves Wi-Fi stability and performance for the newly launched Pixel 9 series.