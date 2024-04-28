



Google TV and Android TV devices are already patched

Overview Google has released an update that fixes a recent vulnerability that exposed users' Google Account details when using public settings on Android TV. Google said sideloaded versions of Chrome will not automatically use Google Account login tokens, protecting sensitive information. A YouTuber first brought the security flaw to the world's attention in January, when Google initially said it was intended behavior but later acknowledged the problem and decided to fix it. became.

The Android TV vulnerability, first discovered earlier this year, made headlines last week following an extensive report by 404 Media. Simply put, this exploit could allow sensitive information in your Google Account, including your Gmail inbox, to be compromised if you sign into your Google Account at a public Android TV setup, such as a hotel or similar establishment. Google has since confirmed that it has already sent out an update fixing this bug for Google TV and Android TV devices, but the company has not done anything to curb this potentially damaging security exploit. Details are now available.

In a statement to 9to5Google, the company said the sideloaded version of its Chrome browser will not automatically use a user's Google Account login token in apps like Drive and Gmail. Google also told 9to5 that this bug fix will be applied to Google TV and Android TV devices through an app update. This means that even older hardware can be protected from this particular loophole, as 9to5Google points out.

Why did it take Google so long to respond?

To give you a little background, this particular flaw in Android TV was first revealed by YouTuber Cameron Gray way back in January, as you can see in the video embedded above. Gray warned users against using hotel or BnB Android TV units to sign in to their Google accounts, citing potential security concerns. The matter then reached the office of Sen. Ron Wyden (R-Ore.), a member of the Senate Select Committee on Intelligence. According to his 404 Media report published this Thursday, Google initially told the senator's office that the vulnerability was expected behavior.

Google took the issue more seriously after this publication reached out for comment, later saying that “this described behavior is no longer allowed on most Google TV devices running the latest versions of the software.” The company added that it will issue a fix for other devices. Although this particular vulnerability should have been widely fixed by now, it begs the question why Google didn't take this issue seriously when it was first disclosed in January.

Sources 1/ https://Google.com/ 2/ https://www.androidpolice.com/google-explains-recent-android-tv-security-exploit/ The mention sources can contact us to remove/changing this article

