Google Researchers Discover Severe Vulnerabilities in the Galaxy S22, Pixel 6 & Pixel 7 Exynos Modem

If you own any phone in the Samsung Galaxy S22, Google Pixel 6, or Pixel 7 series then you should disable VoLTE and VoWiFi until the March security update is installed. ~~~~~ Hi! Don't forget to like the video, subscribe to the channel, and hit the "Thanks" button on this video, if you can, and join our channel community here - /channel/UCnowc_KHgjVNj3Y-E-oQ8aw/join Video Description ~~~~~~~~~~~~~~~~~ Google has a security team named Project Zero and for the last 6 months or so they have discovered 18 different vulnerabilities in the Exynos Modem used in the Pixel 6, Pixel 6 Pro, Pixel 6a, Pixel 7, and Pixel 7 Pro. These vulnerabilities have also been found in other devices using this modem including the Vivo S16, S15, S6, X70, X60, and X30 series. Samsung Galaxy S22, M33, M13, M12, A71, A53, A33, A21, A13, A12, and A04 series phones also use this modem and are vulnerable to these exploits as well. #GooglePixel #SamsungGalaxy #GalaxyS22 #GalaxyS22Ultra #GalaxyS22plus #GooglePixel7 #googlepixel7pro #pixel7 #pixel7pro Four of these 18 vulnerabilities will allow an attacker to remotely compromise a phone at the baseband level. And what makes this even worse is that these attacks require zero user interaction. All the attacker needs to know if your phone number and they will be able to gain access to your device and your data. Now, the other 14 exploits are not as critical since they require an attach directly from the mobile network operator. . .or someone with local access to your device. But these still considered critical vulnerabilities and need to be patched ASAP. Usually when a research developer discovers these types of exploits they disclose them to the public quickly. However, Project Zero has made an exception with these 4 critical security holes and have delayed disclosure due to how they allow for remote code execution at the baseband level. The good news is that these security issues are fixable and that the update to patch them began rolling out earlier this week. The bad news is that OTA updates tend to take along time, even for Google Pixel devices, and I'm seeing many reports from people who are still running the February security update. Some OEMs also tend to take their time pushing out these types of over-the-air updates. So if you have any of the devices listed here, then you will want to install that March security update as quickly as possible. While waiting for these updates to be rolled out, Google's Project Zero are advising people to disable VoLTE and VoWiFi until you get the March Security Update installed. This can be done by opening up the Settings app Selecting the Network & Internet option Tapping on the SIM card you have installed Choosing the WiFi Calling option And disabling this feature using the toggle there Then, go back to the SIM card you have and disable VoLTE via the 4G Calling toggle These names and these menus could look different on your device as these screenshots were taken from a Google Pixel smartphone. But you should be able to quickly find the VoLTE and VoWiFi toggles from within the SIM section of the Settings application. It sucks that these devices are vulnerable to these types of attacks, but it's good that they have been discovered and patched. This is why installing monthly security updates are important, and it's why you should get phones from companies who have a good track record of pushing them out as quickly as possible. Still, even if you aren't able to get this update installed, for whatever reason, then go through those steps and disable those two features so your device and your data remain secure. Mentioned Links ~~~~~~~~~~~~~~~~~ Project Zero Blog - https://googleprojectzero.blogspot.com/2023/03/multiple-internet-to-baseband-remote-rce.html As an Amazon associate, I may earn a commission on sales from the links below. The Gear I Use ~~~~~~~~~~~~~~~~~ 5W "Slow" Charger - https://amzn.to/2OaUMV8 Fast Charger - https://amzn.to/3rtBsC6 MicroUSB Cable - https://amzn.to/38dkpeM USB-C Cable - https://amzn.to/2OqlTvi TPU Cases - https://amzn.to/38g9b9w USB-C to 3.5mm Dongle - https://amzn.to/3rVt7c3 USB-C to 3.5mm DAC - https://amzn.to/3CyksSJ NVIDIA Shield TV - https://bit.ly/3KA17RV

Category