It’s time again for another PSA about updating your old-to-semi-old Android devices, this time to protect your smartphones and tablets from a newly discovered exploit that could let hackers take control of an Android device via malicious code embedded in video files played on the device.
The vulnerability — described in detail in a recent Android Developers security bulletin — affects all Android devices running Nougat (version 7), Oreo (version 8), and Pie (version 9). Google rolled out a security update on July 5 that patches the exploit, and it’s worth downloading and installing your device for some extra peace of mind. (So far, Google hasn’t seen any evidence of this vulnerability being exploited by attackers, and updating your device is the best way to ensure it stays that way.)
You don’t need to worry about playing videos in apps like Messenger, YouTube, or WhatsApp, since they modify the original video file, thus disabling the hack. If you’re downloading random videos from the web to watch on your phone, however, Google’s latest patch is a must-have — just in case.
How to install Google’s security patch
To check if your device is already up to date, go to System > About Phone, then tap “Android version.” (note: this may be different depending on which version of Android you’re running and your specific device). If your device has installed the July 5 security update or later, then your device is safe. If not, you should update Android immediately to patch the security bug.
As with finding your version number, downloading and installing the new patch will vary slightly based on your device and OS version. However, those with a Pixel running Android 9, which is what we’re using, can download the patch by going to Settings > System > Advanced > System update. Tap “Check for Update” and install the update if one is available.