Newlin brought this issue to Google’s attention, leading to a security fix for Android devices running versions 11 through 14.
Find the fix
Supported Pixel devices are expected to receive the patch in December’s security update. However, devices operating on older Android versions remain vulnerable. Shockingly, ChromeOS is the sole Linux-based OS that has been patched, leaving popular distros like Ubuntu, Debian, Fedora, and Gentoo exposed to potential hacking threats.
While Apple has been made aware of the issue, a definitive timeline for a patch remains elusive. This revelation underscores the need for users to stay vigilant about potential security issues on their devices.
Bug bounty programs, like the one offered by Google, play a crucial role in fortifying digital security. By rewarding researchers for uncovering vulnerabilities, these programs encourage a proactive approach to identifying and resolving potential threats.
Vicki Li is a Senior Security Engineer at Instacart. She got her start as a bug hunter. She wrote, Bug Bounty Bootcamp: The Guide to Finding and Reporting Web Vulnerabilities. Li is teaching white hat hackers how to become a bug bounty hunter.
