Google Just Fixed a Serious Pixel Vulnerability

Posted on by

There were two important Pixel stories that stood out to me last month. The first was the release of the Pixel 9 series , and that’s what Google wants me to remember. The second, however, was a serious security vulnerability that not only affected Pixel phones, but was built directly into their firmware.

The problem, discovered by mobile threat hunting company iVerify, was caused by an app package called Showcase.apk. The main purpose of this app package was to allow retailers, such as Verizon stores, to switch Pixel devices in the store into a “demo mode” that would alert the version of Android running on the phone. If you’ve ever used a demo phone at one of these stores, you know it doesn’t run “typical” Android.

Not only has Showcase.apk been quietly built into all Pixel phones since at least 2017, but when active, it runs in a “highly privileged context” that allows the app package to affect your phone’s OS. iVerify has discovered that in the unlikely event that an attacker gains physical access to your device and activates the program, they can take over your phone and install malware and spyware on it.

Again, the risk to any given Pixel user was relatively low, but it should have been zero. A suite of apps exclusive to stores like Verizon should never have been included in the firmware of most Pixel devices sold to the public.

Luckily, this is no longer a problem if you take action. On Tuesday, Google released an update for affected Pixel devices that removes Showcase.apk from the firmware. The update also improves Wi-Fi stability and performance.

How to update your pixel

If you have a Pixel 8 or newer, all you have to do to update your phone is activate Google Assistant and say, “Update my phone now.” Android will display an update notification, which you can tap to access the update option.

If you have an older Pixel or this isn’t working for you, go to Settings > System > Software Update . From here you can check for a new update. If available, follow the onscreen instructions to install it.

The following Pixel phones are compatible with this update:

  • Pixel 6

  • Pixel 6 Pro

  • Pixel 6a

  • Pixel 7

  • Pixel 7 Pro

  • Pixel 7a

  • Pixel tablet

  • Pixel fold

  • Pixel 8

  • Pixel 8 Pro

  • Pixel 8a

  • Pixel 9

  • Pixel 9 Pro

  • Pixel 9 Pro XL

  • Pixel 9 Pro Foldable

More…

0
Android

Leave a Reply