OWNERS of Android smartphones have been urged to update their devices after a ‘bug catcher’ found a major cyber flaw.
The flaw allows cyber crooks to take over devices, which Google’s security team said “may be under limited, targeted exploitation”.
The cyber flaw, tracked as CVE-2024-36971, has been given a “high” severity rating by Google.
Cyber researchers have branded it a “zero-day attack”.
This means it has been exploited by hackers before developers have had a chance to fix it.
Clément Lecigne, a security researcher from Google’s Threat Analysis Group (TAG), first discovered and reported this zero-day vulnerability, according to Google’s source notes.
Google has not revealed how exactly the flaw is being exploited, or what threat actor is behind the attacks.
It’s also unclear if there are particular Android devices that are being targeted.
How to update your Android
If you miss an update notification, you can update your device this way:
- Open your device’s Settings app.
- Tap System > Software update.
- You’ll find your update status. Follow any steps on the screen.
Tip: If you have a Pixel device, it may say ‘Software updates’.
As noted by BleepingComputer, Google TAG security researchers frequently identify and disclose zero-day flaws that are used in state-sponsored surveillance software attacks to target high-profile individuals.
Hackers are likely to have used the cyber flaw to gain remote control over devices without user interaction, according to BleepingComputer.
Most read in Phones & Gadgets
Though this is only possible on unpatched devices.
The Android security patch for this flaw, dubbed 2024-08-05, fixes 45 other vulnerabilities.
It’s important to note that Google has released two security updates for August: 2024-08-01 and 2024-08-05.
Make sure you have the most recent update, to avoid falling victim to the latest cyber gap.
Must-know Android tips to boost your phone
Get the most out of your Android smartphone with these little-known hacks: