Due to the extremely complex nature of software, sometimes new vulnerabilities are discovered. Companies like Google and Samsung do a pretty good job of ensuring these issues are mitigated, but not in this case. Google has recently sent out a warning for an Android vulnerability that is unpatched.

This comes in the form of the CVE-2024-32896 vulnerability. It was bad enough where the US government ordered all federal employees using Pixel phones to install the latest security update or stop using their devices.

Now, the good news is that the security patch Google released does patch the vulnerability on Pixel phones. Unfortunately, the vulnerability is still unpatched on other Android devices, including phones made by Samsung and other OEMs. Speaking to Forbes, Google confirmed that they are working on it and will be rolling it out as soon as it’s available.

“Android security is aware of this issue, and after further review, this issue does impact Android platform… Pixel devices that have installed the latest security update are protected… we are prioritizing applicable fixes for other Android OEM partners and will roll them out as soon as they are available.”

Samsung did release a security update for July but it does not cover this vulnerability. Instead, the update covers three Qualcomm vulnerabilities, which we suppose is still a good thing. Hopefully the next security patch from Samsung will address this issue. In the meantime, as always you should employ safe practices.

This includes not opening links or attachments from senders you aren’t familiar with. Also, don’t download apps from shady third-party websites just to be safe.