Google researchers found a serious security flaw on a number of Android devices and oddly, the issue was supposed to be patched back in December 2017. The phones in question are the Pixel, Pixel 2, Huawei P20, Samsung Galaxy S7, S8 and S9. Xiaomi Redmi 5A, Redmi Note 5, Xiaomi A1, Oppo A3 and Moto Z3 are also on the list and require additional patching.
Google says it found the flaw seven days ago but it’s not as serious as it sounds because it requires a malicious software to be installed with the user’s permission. It’s strange that patch that was pushed back in December 2017 wasn’t later maintained in subsequent versions.
The exploit is believed to be used by Israel’s NSO Group – a company that has been implicated in attacks on human rights and political activists.