Google discloses new Zero-Day exploit for Android affecting Samsung, Xiaomi and more

Google itself has published proof of concept for the Android OS vulnerability.


Google has recently discovered a new vulnerability in its Android OS' kernel code which is affecting not only Pixel smartphones but also those from Xiaomi, Samsung, Huawei and others. A zero-day status has been given to this bug as Google says that instances of it have been found of it being used in the real world.

Google discloses new Zero-Day exploit for Android affecting Samsung, Xiaomi and more

Stock image of Google search page.

An Israeli company called the NSO Group has exploited this vulnerability and it has been known to also create the mobile spyware Pegasus. Google itself has published the proof of concept for the Android OS vulnerability, for users to check if other smartphones are also affected by it.

As per the report, the vulnerability can be exploited when the target installs a malicious app and it can be used to gain root access of a device. "It is a kernel privilege escalation using a use-after-free vulnerability, accessible from inside the Chrome sandbox," said the post.

Google says that all its Android partners have been notified about this exploit and has made the patch available on the Android Common Kernel as well. For Pixel and Pixel 2 users, the October security update will give you the patch for this exploit while Pixel 3 users are not affected by it.

Pixel, Pixel XL, Pixel 2, Pixel 2 XL, Huawei P20, Redmi 5A, Redmi Note 5, Mi A1, Oppo A3, Moto Z3, Oreo LG phones, Samsung Galaxy S7, Samsung Galaxy S8, and Samsung Galaxy S9 are in the list of devices that have been affected by this bug.

Find latest and upcoming tech gadgets online on Tech2 Gadgets. Get technology news, gadgets reviews & ratings. Popular gadgets including laptop, tablet and mobile specifications, features, prices, comparison.