in May together with a strong recommendation to deploy the update on affected devices as soon as possible.”
Google spokesperson Ed Fernandez told TechCrunch that the company’s Pixel devices are not affected by these Qualcomm vulnerabilities.
Kimberly Samra, a spokesperson for Google’s TAG did not immediately provide more information about these vulnerabilities, and the circumstances in which TAG found them.
Qualcomm acknowledged the fixes. “We encourage end users to apply security updates as they become available from device makers,” said company spokesperson Dave Schefcik.
Chipsets found in mobile devices are frequent targets for hackers and zero-day exploit developers because chips generally have wide access to the rest of the operating system, which means hackers can jump from there to other parts of the device that may hold sensitive data.
In the last few months, there have been documented cases of exploitation against Qualcomm chipsets. Last year, Amnesty International identified a Qualcomm zero-day that was being used by Serbian authorities, likely by using phone unlocking tool maker Cellebrite.
Updated to include Qualcomm’s spokesperson comment.
