Posted on December 9, 2021 at 6:54 PM
Vulnerability Found In Google Pixel Devices – Users Urged To Update Immediately
A Google Pixel user was recently prevented from calling 911 on their device because of a vulnerability caused by Microsoft teams.
The smartphone user complained that he was unable to make 911 calls from his device, but the tech giant has responded to the complaint, saying a bug in the Microsoft team app is causing the issue.
The Glitch Is Caused By The Microsoft Team App In The Pixel Device
The user, who was complaining in a Reddit forum, stated that their Pixel device was freezing whenever they try to place a call to the emergency number.
In response, Google stated that it has conducted an investigation into the issue and discovered that the glitch is a result of the Microsoft Teams app being installed on the Pixel device.
The spokesperson added that the vulnerability only occurred for Pixel devices that run Android 10 or above when Microsoft Team was installed. However, it appears that no account was logged into the app.
Patch To The Bug Would Be Available Soon
Microsoft noted that it’s aware of only one user report related to the issue and has determined that the problem is caused by the interactions between the Microsoft Team app and the underlying Android operating system.
The tech giant stated that both companies are prioritizing resolving the problem and the update to the vulnerability will soon be available.
Meanwhile, Google has advised users of the Pixel device who have the Microsoft Team app installed in their device to uninstall the app as soon as possible. However, only those users with Android 10 or above, where an account is not logged into the app are affected.
The solution will be addressing the vulnerability for a short time, and affected users are expected to apply updates to the devices when the patch is rolled out.
“We advise users to keep an eye out for an update to the Microsoft Teams app, and ensure it is applied as soon as available,” Google stated.
The latest discovery is coming barely two months after Google announced the availability of recent security patches for Android. The update was aimed at addressing more than 50 bugs in the mobile operating system.
The most critical of the bugs was the security vulnerability discussed in the October 2021 security Bulletin that could be exploited to achieve remote code execution.
The first part of the security issues resolved includes 10 vulnerabilities, while the second part includes 40 bugs, of which 3 of them are rated highly severe.
Google Rolls Out December 2021 Security Updates
The latest vulnerability in Google Pixel is coming at a time when Google is about to roll out its security updates for December 2021.
According to Google, the updates will include patches for 46 vulnerabilities, with several of them having a high severity rating.
Google explains that the most severe of the addressed vulnerabilities is an information leakage bug in the Media framework. According to the tech giant, the issue results in remote information disclosure with no additional privileges required for execution.
Moreover, Google addressed two information disclosure vulnerabilities in the Media framework component at the beginning of the month. The bugs, CVE-2021-0964 and CVE-2021-0967 are both part of the 2021-12-01 security patch levels.
The same update level contains patches for three more bugs in Framework, one for information disclosure and two are for the elevation of privilege.
Users Are Urged To Update Their Devices As Soon As Possible
For the second part of the Google Android Security Bulletin, the tech giant provided details of 31 bugs it intends to patch this month. According to the report, most of the vulnerabilities in the second part affect Qualcomm closed-source components.
The patch will be fixing three bugs in Qualcomm components, two in MediaTek components, three in Kemel components, and one vulnerability in the Media framework. The majority of the vulnerability, 22, will be fixed in Qualcomm closed-source components.
Google has also stated that devices that run a security patch level 2021-12-05 or later version have patches for all three vulnerability types, including those addressed with previous security updates.
The latest security patch will also include the latest vulnerability found in the Google Pixel that prevents users from making 911 calls. The tech giant has asked users to effect changes to their systems immediately and install the patch to avoid exposing their systems to exploitation.