Samsung phones just got a major security update, but a fix for a dangerous Pixel zero-day is still missing

News
By published

Four critical Android flaws patched

Samsung Galaxy S24 Ultra hands-on
(Image credit: Tom's Guide)

If you’ve been holding off on updating your Samsung phone, now is the time to do so, as the Korean hardware giant has released a new security update with fixes for four critical Android security flaws.

While the best Samsung phones will now run the latest software after this update is installed, Forbes points out one glaring omission: a patch for a Pixel zero-day that hackers already use in their attacks.

Here’s everything you need to know about this new security update from Samsung and some tips on keeping your Android phone safe from hackers.

Pixel zero-day also affects Samsung phones

Samsung galaxy s24 hands-ons

(Image credit: Tom's Guide)

Samsung’s July 2024 security patch fixes 25 Android vulnerabilities as well as 33 security flaws that affect its phones and tablets. Four of these 25 Android flaws have been given a critical security rating, while the rest are considered high-risk.

If you own a Samsung phone, you should install this new round of security updates as soon as possible since hackers love to target devices running outdated software in their attacks. Still, though, that unpatched Pixel zero-day remains a cause for concern.

Tracked as CVE-2024-31320, the zero-day is an elevation of privilege (EoP) flaw that can be exploited by hackers in their attacks. In fact, in its June Pixel Update Bulletin, Google revealed that it has seen indications that this particular vulnerability “may be under limited, targeted exploitation” already.

From there, things got so bad that the U.S. government warned all federal employees about this vulnerability, urging them to update their Pixel devices by July 4 or stop using them altogether. Now, though, it appears that this issue is much more widespread than initially thought.

In a statement to Forbes, a Google spokesperson confirmed that this zero-day impacts the entire Android platform. The search giant is working with its OEM partners to roll out a fix for other smartphones besides Pixel devices.

How to keep your Android phone safe from hackers

A hand holding a phone securely logging in

(Image credit: Google)

While we don’t know when a fix for this issue will arrive, given how seriously the U.S. government has responded to this particular threat, you will want to update your Samsung smartphone as soon as it’s released. In the meantime, though, there are some steps you can take to keep your Android phone safe from hackers. 

Keeping your smartphone updated and running the latest software is of the utmost importance, but you also want to ensure that you periodically update all of your apps. Likewise, it’s always a good idea to go through your phone and limit the number of apps you have installed. This is because you might have a malicious app on your phone and not even know it.

After that, you want to ensure that Google Play Protect is enabled on your phone, as it scans all the new apps you download and your existing apps for malware. For extra protection, though, you might also want to consider running one of the best Android antivirus apps alongside it. Plus, many Android antivirus apps include helpful extras like a VPN or even a password manager.

Hackers are always looking for new ways to access our smartphones and their sensitive data. Vulnerabilities and especially zero-day flaws make things even easier for them, so you want to install the latest security updates as soon as they’re released and not put off doing so.

More from Tom's Guide

Anthony Spadafora
Anthony Spadafora
Managing Editor Security and Home Office

Anthony Spadafora is the managing editor for security and home office furniture at Tom’s Guide where he covers everything from data breaches to password managers and the best way to cover your whole home or business with Wi-Fi. He also reviews standing desks, office chairs and other home office accessories with a penchant for building desk setups. Before joining the team, Anthony wrote for ITProPortal while living in Korea and later for TechRadar Pro after moving back to the US. Based in Houston, Texas, when he’s not writing Anthony can be found tinkering with PCs and game consoles, managing cables and upgrading his smart home.