'ZDNET Recommends': What exactly does it mean?
ZDNET's recommendations are based on many hours of testing, research, and comparison shopping. We gather data from the best available sources, including vendor and retailer listings as well as other relevant and independent reviews sites. And we pore over customer reviews to find out what matters to real people who already own and use the products and services we’re assessing.
When you click through from our site to a retailer and buy a product or service, we may earn affiliate commissions. This helps support our work, but does not affect what we cover or how, and it does not affect the price you pay. Neither ZDNET nor the author are compensated for these independent reviews. Indeed, we follow strict guidelines that ensure our editorial content is never influenced by advertisers.
ZDNET's editorial team writes on behalf of you, our reader. Our goal is to deliver the most accurate information and the most knowledgeable advice possible in order to help you make smarter buying decisions on tech gear and a wide array of products and services. Our editors thoroughly review and fact-check every article to ensure that our content meets the highest standards. If we have made an error or published misleading information, we will correct or clarify the article. If you see inaccuracies in our content, please report the mistake via this form.
The September Android update rolls out for Pixel phones - with critical security patches
Pixel phone users (of which I have been one since the Pixel 1) are lucky because they receive Android security patches before anyone else. These security patches are released monthly and although they don't generally include a litany of new features, what they do offer is absolutely crucial to the well-being of your phone and your data.
Also: Why you can still trust (other) password managers, even after that LastPass mess
The September security update addresses 32 vulnerabilities that affect Android OS, specific hardware issues, and other Pixel-specific vulnerabilities as well. These updates are all detailed in the Android Security Bulletin for September 2023 and include four CVEs (Common Vulnerabilities and Exposures) marked Critical. Those critical CVEs are:
- A-274617156 - Accesses a header field after the buffer holding it may have been freed.
- A-273966636 - Can lead to an integer overflow and unexpected behavior.
- A-271335899 - The tx mtu in EATT can be controlled by a remote device.
- A-285902431 * - Memory corruption in WLAN Firmware.
Of course, there are also a number of High severity vulnerabilities that were patched with this update including framework, system, Google Play system, and closed-source components (such as those for Qualcomm hardware).
If you want more details about every vulnerability patched, make sure to click the Security Bulletin link above.
How to update to the latest security patch
What you'll need: The only thing you'll need for this is a Pixel phone. That's it. Let's update.
1. Check your patch level
Open the Settings app either by pulling down the Notification Shade twice and tapping the gear icon or opening the App drawer and tapping the Settings launcher. With Settings open, go to System > System Update. This page will list your patch level. If it's not (at least) September 1, 2023, tap Check for update.
Make sure to routinely check to see if your Android device has the latest security patch.
2. Apply the update
The required file will take a few minutes to download. When the download completes, you'll be prompted to restart your phone to apply the new patch. Do this by tapping Restart now.
If you don't reboot your device now, it will happen automatically in four days.
After the update completes, you should now have the latest security patches on your Android device. Make sure to do this each month to keep your phone protected against known vulnerabilities.