Google releases Pixel update to get rid of surveillance vulnerability

Last month, it was discovered that an inactive piece of software that ships on all Google Pixel smartphones presented a potential security vulnerability for device owners. The company quickly said it would remove “Showcase.apk,” which was created years ago “for Verizon in-store demo devices and is no longer being used.” But on the off chance it were ever exploited, cybersecurity firm iVerify found that the software could make phones “accessible to hackers and ripe for man-in-the-middle attacks, code injection, and spyware.” The flare-up was enough for Palantir to implement a companywide ban on Android devices.

At the time, Google told us that it had “seen no evidence of any active exploitation,” and with today’s release of the monthly Pixel software update, it’s getting rid of Showcase.apk altogether. The release notes confirm that the September patch includes a fix to “remove third-party APK to address security vulnerability.”

Other than that, it’s a very small update, with improvements to Wi-Fi stability and performance for Google’s brand-new Pixel 9 portfolio as the only other bullet point. Bigger software upgrades await next month; that’s when Google plans to roll out Android 15 to its devices. The major OS update was released to the Android Open Source Project (AOSP) today, but it’ll be a few more weeks until it’s ready for Pixel hardware.