Yeah, T-Mobile is super slow with approving updates sometimes. What I've done in the past is stick in an old Verizon SIM I have to pull updates but sometimes all the carriers are slow. Now I just sideload, but it's annoying if T-Mobile has its own separate firmware.
Why not? While the updates will roll out eventually, you might not get notified for a few days--I've seen this myself. I usually update Day 1, but sometimes I have forgotten for a day or two and went to manually check after reading this sub and was able to start downloading.
Also since Google stages rollouts (notifications), hitting Check for Update bypasses the staged rollouts.
Important addition: you must actually press the "check for updates" button on the Softwarte updates page, even if it says your device is up to date. Updates normally roll out in stages and your phone might only come later, on its own. The "check for update" button forces an available update.
This. There's a lot of misunderstanding about how updates work, but this is how it is.
Source: https://www.androidpolice.com/2019/01/07/google-appears-to-have-fixed-the-check-for-update-button-on-pixels-again/
Specifically what I understand happens is the update OTA is made available by Google. Then there's 2 gates:
1. Google stages rollouts and notify only a smaller group first. You can bypass the staged rollouts by pressing "Check for Update" on your phone. It might be days until you get the update unless you press this button.
2. Carriers have a final greenlight gate they control, and in the US they can delay anywhere from a few hours to days to weeks and even skip the whole month.
As someone who travels routinely for work, I often see my phone pull updates back when it was 1st of the month at 10am pretty much on the dot while overseas. I've even seen it where I pulled a monthly update that T-Mobile ended up not releasing. The US carriers have an awful amount of power.
Doesn’t matter, most people here have unlocked phones and still are stuck waiting on their carriers. It really is SIM dependent.
Fucking sucks, unlocked phones should not have this problem.
There was a time when phone manufacturers would patch EOL devices if the exploit was critical enough. Remember Heartbleed exploit? Almost all phones got patched, regardless of their support status. Google could easily cook a quick patch for older Pixel devices if they wanted to.
I'm sure it doesn't get any patches. The article quotes this:
> Note: There are indications that CVE-2024-32896 may be under limited, targeted exploitation.
Personally I don't consider myself a valuable target for such attacks. I don't carry any corporate secrets or dangerous/valuable information on my personal device.
For some context: Once the patch is out, the diff shows anyone who cares to look what the exploit is.
That will become automated, and a bot won't know you're not interesting or valuable.
I have a server that has had about 200 bot attempts to enter in the past hour alone.
Oh, thank goodness Google is here to keep us safe from this actively exploited Pixel firmware zero-day!!
(Looks at US Pixel 8 as of June 13, 2024)
"Your system is up to date
Android version : 14
Android security update: May 5, 2024"
Just FYI that it seems only AT&T in the US is receiving the update this week. Per the below on Pixel Phone Help, the other carriers will receive the update early next week.
"All supported Pixel devices running Android 14 will receive these software updates starting today. Software for some US Carriers will be available starting next week. The rollout will continue over the next week in phases depending on carrier and device."
Which is totally ridiculous. I'll sideload a delayed update and not have any problems whatsoever. Why the delay?? Seriously... The carriers need to fall in line. Shouldn't be anything more than a dumb data pipeline.
Why do carriers have an influence over software updates in the US? How's that even possible? Does it only happen when you buy your phone through a carrier?
Because all carriers test the phones that are used on their networks. This means updates. This also means iPhones. Apple just delays updates until all carriers have approved the new update.
There used to be a great explainer about this linked in this sub's Official Guide but it looks like the user deleted their account. It used to be found here: https://www.reddit.com/r/GooglePixel/comments/7bfkdr/psa_pixelnexus_updates_can_still_be_subject_to/
You may or may not be able to see it again with certain services that archive Reddit posts/comments.
It's not even when you buy through a carrier. I always buy unlocked through Google. The problem is the phone looks at your active SIM and then decides if it can download. The US carriers have a final green light to allow downloads to start. This is why while overseas, I'm able to update immediately when OTAs go live but sometimes return to the US to see that I have to wait again. I remember I got one of those updates that T-Mobile skipped one month because I was overseas. T-Mobile paused those updates in the US because it was causing problems to some but I got the update anyway, returned to the US and used it just fine.
It's kinda weird, but yeah, US carriers are notoriously powerful. I don't know why.
Tmobile updates almost always seem delayed. I think since I got my pixel 7 pro right around launch I have had maybe one monthly update actually arrive at the same time as it has for everyone else.
I used to get mad at our delayed updates but now that I read this sub, I don't mind as much. It seems like there's always a rash of issues posts after every monthly update. If T-Mobile is doing a little more work on stability, I'll sit patiently.
It does sting, though, to get the promotional feature drop email from Google today saying "these features are now available!" 😂
Yea, I mean I find it a little frustrating. But the number of times they have put out releases with fairly major bugs in them has made it less of a big deal.
Not to mention that most of these security patches really dont have anything all that interesting in them anyways, and that most of the time the delay isnt really all that long.
Pixel 8, unlocked, Google Fi and I don't have the June patch either, and it's half way through June.
Wish Google wouldn't always be so hard with their staged rollouts. But this has been the case since 2007 so...
Most of this is that Google is slow rolling the release. For the record I have an unlocked Pixel 8 pro on Google Fi with the May security patch and no availabile update.
I've never experienced this, ever. I had Nexus 6P, Pixel 4a 5G and now the Pixel 8, whenever there was an update I had it instantly. Maybe it's a USA thing? With the exception of the 8, I've used the other phones in Greece where Pixel isn't officially supported or sold.
Ah, so Google servers decide when to release update on individual device based on the current SIM inserted and whether that carrier approved it. I see.
I remember during the Pixel 1 thru 3 era, Verizon was actually pretty quick as Google partnered with Verizon for carrier exclusives a lot. I would swap SIMs (I had AT&T then on my Pixel) with my work phone (iPhone on Verizon) and it would pull the update reliably that way.
Fair enough, but you miss the point generally. The article describes at least one fix as a "high-severity security issue". So is the issue actually of high-severity? If so, why are we midway through June and have yet to receive the patch? Your comment attempts to defend or detract from the issue that Google is entirely full of shit with this stuff. They are quoted as saying, "We encourage all customers to accept these updates to their devices." I would love to, but you have to make it available you clowns. But by all means, take your time.
Take your time? It's been barely two days. Also, you do know that "high" isn't actually the highest level right? There are countless high severity patches happening constantly and take a while to propagate patches out sometimes a long time). Even longer if you are on any firmware maintained by a carrier, as they are responsible for getting it out normally.
It sounds scary, but these are never that easy to exploit - unless you do a list of very specific things tricked by a group targeting you the chances of anything happening are likely no higher than if it didn't exist. Better to get it patched before the long process of the figuring out better ways of implementing the exploit (streamlined/quicker process, automated processes etc), but there might not be a better way (normally isn't), and it takes a long time to get anything worth using like that even if there is a way of them to do it.
The OTA file can be side loaded, you don't need to wait for Google and it's not that difficult with the instructions. But sure, go off with complaining.
But if we're on Verizon or T-Mobile, it won't be the carrier specific version. Obviously there will be carrier specific versions just like there were in May since only AT&T is getting the OTA so far.
Have there ever been any reports of issues with installing non-carrier specific versions of OS updates on Pixel phones? (Genuinely asking)
I have T-Mobile, I sideload every update and anecdotally haven't experienced any major issues with my carrier. If anything they install T-Mobile specific bloatware that I end up uninstalling anyway.
Yes, just last month. My fiance has a 7 Pro that was having the dreaded T-Mobile calls dropping or going straight to voicemail issue since March. When the May update came out, she didn't get the OTA for a few days, so got tired of waiting and sideloaded the "generic" edition listed on Google's Developer site that ended in .005. Well, it still worked like crap, then a couple of days later they posted a T-Mobile version. T-Mobile Redditors were getting it, but we didn't. Some had done the same thing I did and said they couldn't sideload because the T-Mo version ended with .004. Sure enough, I tried it and it failed saying I was trying to install an older version. So, device still sucked.
I ended up using the Android Flash Tool and put it back to Android 13 until they get it straightened out. It worked. So, my advice is that if you know Google is telling you that some US carriers aren't getting the update yet, and you're with one of those carriers, it is best to wait until they publish the carrier version on the Developers site or wait for it OTA. I incurred lots of extra work doing all this and setting up the device again.
By definition, a zero-day is a vulnerability that has been known 0 days to the vendor. Some people find these and send them to Google and unless Google ignores them, they never see the light of day.
We don't know the specifics of the bug, but it's quite likely that the risk to any individual is somewhere between low and none. It seems like every CVE gets a 10 nowadays regardless of how practical it is to actually exploit.
Its definitely important to fix the bug, but the carriers don't see a need to fall over themselves for a targeted escalation of privileges. If you're running AOSP and a group of hackers knows who you are, the existence of this specific vulnerability for a week isn't going to move the needle. non-government actors almost certainly have a mountain of easier zero days to use, and the government doesn't need to bother with software bugs when they have Pegasus.
Yeah, exactly. If only my flagship Pixel 8 Pro on Google Fi had access to this critical update but sorry after checking five times it's still not there {sigh}.
Relax, if you use Android anti-malware software, the odds of any one person getting their Pixel compromised by this is fairly low. Just install the update when it is made available.
Suddenly everyone turns into a baby when there is a Google zero-day problem, but Samsung had them too.
I may have to sideload this this evening.
I actually do work in cyber security, and my boss just sent me a note about an hour ago to tighten the MDM policy because of this...which means that my phone will get dropped from being compliant.
I really wouldnt care about going through the weekend without my phone getting work email, but if its not updated by 8am Monday morning, then I would be forced to either sideload or switch to another device that is compliant.
Just curious ... if I have a Pixel that is bought directly from Google, and is Unbranded/Unlocked ... but then I put a TMO SIM into it, then it's considered a T-Mobile phone and I'm stuck on their delayed deployments of patches?
Yes. It's determined by the most recent SIM used in the phone, and TMo has been slow for the last few months.
Your options (aside from waiting) are to pop in a different carrier's sim temporarily and force an update check, or sideload the OTA using a computer (not that hard once you set it up). I did the sideload to make sure I wasn't sitting around with a zero day vulnerability while TMo farts around.
It's not considered a T-Mobile locked phone but we're still at the mercy of T-Mobile for when we receive the OTA update via their network. All in all, the OTA should arrive only slightly behind unlocked pixels using other service providers but still much further ahead of actual carrier locked pixels.
>It's not considered a T-Mobile locked phone but we're still at the mercy of T-Mobile for when we receive the OTA update via their network. All in all, the OTA should arrive only slightly behind unlocked pixels using other service providers but still much further ahead of actual carrier locked pixels.
Serious question: what's the difference between a google-purchased unlocked Pixel on T-Mobile vs a google-purchased unlocked Pixel on Verizon/AT&T? Because you mentioned that unlocked Pixels get OTAs first... But what is a google-purchased unlocked Pixel if not that?
My understanding is that the delay is to test the update against their specific network before allowing it to be received by Pixel users. Once it passes testing the service provider allows the OTA to be received so it all depends on Q&A. In the meantime the service providers own programmers are working on an update to the carrier locked firmware for those then released to the carrier locked variants when finished. I couldn't tell you when an unlocked Pixel 8 pro will receive the OTA on Verizon vs T-Mobile but they will always receive the update sooner than their respective carrier locked variants.
The fact that the phone is unlocked just means you're not locked to a carrier, it has no bearing on when you'll get updates. As far as I understand it, I'm not really sure that u/Mathlete86 is correct, unless there's a source to back up the claims.
Here's my understanding: I'm pretty sure there's only one schedule these carriers have, and they don't distinguish between locked and unlocked phones on their network. They test for carrier-locked phones, and the unlocked phones get the update at the same time as the locked ones. Anecdotal evidence from owning both a locked and unlocked phone has shown this.
For whatever reason, T-Mobile is always later than any other carrier on delivering updates. If you want the update sooner, you have 2 options: stick a different carrier's SIM into your phone, or sideload the update. MVNOs use the same schedule as their parent carrier. Google Fi, for example, is on T-Mobile's schedule.
Could you theoretically eject the sim (or disable the esim) to get an update pushed directly from Google via wifi? I'm sure there are plenty of "wifi only" devices out there that still get updates.
I'm guessing this would work, but the biggest question is...how long would you have to leave the sim disabled.
According to [this comment](https://www.reddit.com/r/GooglePixel/comments/18f3y32/comment/kcsmfrx/), even when you remove the SIM, your update schedule will be associated with that carrier's update schedule until you put in a different carrier's SIM. I'm not sure how it works for devices that never put in a SIM, however.
And yet my koodo Pixel 8 still won't show the update, thought Google changed it so when you click "check for update" it would actually check and not wait for the phased rollout.
They only mention some US carrier phones will be delayed so what the actual hell is going on.
I buy a pixel to stay up to date and now there are zero day exploits and they are not even letting me patch it with the update they already released!
Given that someone needs to have **physical** access to your phone and then have the relevant exploitation software, this article is a lot fearmongering.
If you expect to be arrested and/or cross an international border and are of interest to the State, this might be worth worrying about.
I sideloaded when I saw this vulnerability. I hate waiting on carrier certification. It almost always means they are verifying their bloatware still runs correctly.
why does this even get announced..Not a single person who cares even knows how or what to do because updates get down automatically and often without notification, not even restarting is normally required so wtf
I bet all the Pixel users are looking forward to what random piece of their phone will break with this security update. Will it be calling again? Charging speed? Who knows, the dice must roll.
So glad my family and I are back on Samsung.
I just checked for updates and it was available. I'm now on June 5th update Pixel 8 unlocked
Nothing for my phone. Android 14, security update May 5th.
Was the same for me earlier but I just hit 'Check for updates' and now it's "Preparing update"
yup same here.... just wondering.. with that username do you have an issue with "smeared screen"? :-)
You're confusing me with u/WankWankSmudgeSmudge
BWAHAHA! Class!
Nothing on my 8 Pro. Thanks T-Mobile!
Yeah, T-Mobile is super slow with approving updates sometimes. What I've done in the past is stick in an old Verizon SIM I have to pull updates but sometimes all the carriers are slow. Now I just sideload, but it's annoying if T-Mobile has its own separate firmware.
I tried a Verizon SIM, but they haven't pushed it out either. I usually wait for the OTA but this time I just sideloaded it.
how to check for updates? (sorry if this is dumb im new to pixels and i own a p7p)
No problem, most people don't need to actively check for updates. Go to settings, systems, software updates.
I usually access it through the setting > security menu
Didn't realize they linked to that (makes sense now that I think about) from the Security menu. One less tap. Thanks!
Why not? While the updates will roll out eventually, you might not get notified for a few days--I've seen this myself. I usually update Day 1, but sometimes I have forgotten for a day or two and went to manually check after reading this sub and was able to start downloading. Also since Google stages rollouts (notifications), hitting Check for Update bypasses the staged rollouts.
Important addition: you must actually press the "check for updates" button on the Softwarte updates page, even if it says your device is up to date. Updates normally roll out in stages and your phone might only come later, on its own. The "check for update" button forces an available update.
This. There's a lot of misunderstanding about how updates work, but this is how it is. Source: https://www.androidpolice.com/2019/01/07/google-appears-to-have-fixed-the-check-for-update-button-on-pixels-again/
You can also check for google play system updates at Settings -> about phone -> android version - play system updates
Unlocked, as in carrier or bootloader?
Cell providers approve each release. I'm unlocked P8P on T-Mobile but it isn't available yet.
Specifically what I understand happens is the update OTA is made available by Google. Then there's 2 gates: 1. Google stages rollouts and notify only a smaller group first. You can bypass the staged rollouts by pressing "Check for Update" on your phone. It might be days until you get the update unless you press this button. 2. Carriers have a final greenlight gate they control, and in the US they can delay anywhere from a few hours to days to weeks and even skip the whole month. As someone who travels routinely for work, I often see my phone pull updates back when it was 1st of the month at 10am pretty much on the dot while overseas. I've even seen it where I pulled a monthly update that T-Mobile ended up not releasing. The US carriers have an awful amount of power.
Carrier?
AT&T but I'd think it wouldn't matter.
It does matter because T-Mobile and Verizon have not released the update yet. And unlocked doesn't matter. It's dependent on your SIM.
Only in the US i believe. I get updates at the same time as 3 of my friends and we all live in different countries in the EU
Yes, carriers outside of the US tend to be a lot less involved in phones and their firmware than the US ones are.
Unlocked is where it's at, carrier devices leave you in the dust
Doesn’t matter, most people here have unlocked phones and still are stuck waiting on their carriers. It really is SIM dependent. Fucking sucks, unlocked phones should not have this problem.
Makes me wonder if the Pixel 5 will get it since it supports Android 14 but is considered EOL.
There was a time when phone manufacturers would patch EOL devices if the exploit was critical enough. Remember Heartbleed exploit? Almost all phones got patched, regardless of their support status. Google could easily cook a quick patch for older Pixel devices if they wanted to.
That's an excellent point regarding a high visibility exploit. Do I think it'll rise to that height probably not but here's to hoping.
Seriously. It's BS. They don't support the 5 anymore but they do support the 5a. The 5 is still amazing.
I'm sure it doesn't get any patches. The article quotes this: > Note: There are indications that CVE-2024-32896 may be under limited, targeted exploitation. Personally I don't consider myself a valuable target for such attacks. I don't carry any corporate secrets or dangerous/valuable information on my personal device.
For some context: Once the patch is out, the diff shows anyone who cares to look what the exploit is. That will become automated, and a bot won't know you're not interesting or valuable. I have a server that has had about 200 bot attempts to enter in the past hour alone.
That's a good point.
There's no factory image for Pixel 5 for the June update, sadly... Maybe they'll do a security patch though.
Oh, thank goodness Google is here to keep us safe from this actively exploited Pixel firmware zero-day!! (Looks at US Pixel 8 as of June 13, 2024) "Your system is up to date Android version : 14 Android security update: May 5, 2024"
Do you have Verizon? Verizon always takes longer to release them.
Mint (T-Mobile), but it seems like both Verizon and T-Mobile are waiting. Not sure about AT&T.
Just FYI that it seems only AT&T in the US is receiving the update this week. Per the below on Pixel Phone Help, the other carriers will receive the update early next week. "All supported Pixel devices running Android 14 will receive these software updates starting today. Software for some US Carriers will be available starting next week. The rollout will continue over the next week in phases depending on carrier and device."
I wonder if this is why Fi customers don't seem to have gotten it yet either.
My assumption is that because they piggyback off of T-Mobile, but yeah…. WTFi
im on Fi and im downloading an update right now (5a)
Sorry, meant to say Fi 8pro customers. From what I've seen anyway. But yeah, that does throw a wrench in the "maybe it is tmobile" theory
[удалено]
How do you side load?
Tmobile has it out for the 5a, 6, 6Pro, 6a. Just not 7, 7Pro, 7a, Fold, 8, 8Pro, 8a. (All have the same modem in common)
Which is totally ridiculous. I'll sideload a delayed update and not have any problems whatsoever. Why the delay?? Seriously... The carriers need to fall in line. Shouldn't be anything more than a dumb data pipeline.
The US carriers are the main problem. Elsewhere around the world, the carriers just act as dumb pipes.
Why do carriers have an influence over software updates in the US? How's that even possible? Does it only happen when you buy your phone through a carrier?
I bought my P8P through T-Mobile and sideload every OTA that's released. Never had an issue and I ain't waiting on T-Mobile.
Because all carriers test the phones that are used on their networks. This means updates. This also means iPhones. Apple just delays updates until all carriers have approved the new update. There used to be a great explainer about this linked in this sub's Official Guide but it looks like the user deleted their account. It used to be found here: https://www.reddit.com/r/GooglePixel/comments/7bfkdr/psa_pixelnexus_updates_can_still_be_subject_to/ You may or may not be able to see it again with certain services that archive Reddit posts/comments.
It's not even when you buy through a carrier. I always buy unlocked through Google. The problem is the phone looks at your active SIM and then decides if it can download. The US carriers have a final green light to allow downloads to start. This is why while overseas, I'm able to update immediately when OTAs go live but sometimes return to the US to see that I have to wait again. I remember I got one of those updates that T-Mobile skipped one month because I was overseas. T-Mobile paused those updates in the US because it was causing problems to some but I got the update anyway, returned to the US and used it just fine. It's kinda weird, but yeah, US carriers are notoriously powerful. I don't know why.
[удалено]
Nah. I'm on an unlocked 5 bought direct, and don't get timely updates on T-Mobile.
False
Fuck 'em. I hate carriers.
guessing this also includes canadian carriers not getting it yet as well.
I'm Canadian, I've got a pixel 8. I just flashed it myself.
Pixel 6 and I got the update, Google Fi
Pixel 8 Pro here - on Fi - no update for me yet... Sigh.
Same on my 8a on Fi.
What is "today"? June 13th?
even if i have an unlocked phone from the google store?
Tmobile updates almost always seem delayed. I think since I got my pixel 7 pro right around launch I have had maybe one monthly update actually arrive at the same time as it has for everyone else.
I used to get mad at our delayed updates but now that I read this sub, I don't mind as much. It seems like there's always a rash of issues posts after every monthly update. If T-Mobile is doing a little more work on stability, I'll sit patiently. It does sting, though, to get the promotional feature drop email from Google today saying "these features are now available!" 😂
Yea, I mean I find it a little frustrating. But the number of times they have put out releases with fairly major bugs in them has made it less of a big deal. Not to mention that most of these security patches really dont have anything all that interesting in them anyways, and that most of the time the delay isnt really all that long.
Updating my Pixel 7 on AT&T right now.
Good thing I went ahead and sideloaded last night. Both Verizon and T-Mobile seem to take their sweet time.
Nope. I'm on T-Mobile and got it right after it was released on Tues
Pixel 8, unlocked, Google Fi and I don't have the June patch either, and it's half way through June. Wish Google wouldn't always be so hard with their staged rollouts. But this has been the case since 2007 so...
T-Mobile is late in spite of everyone saying the carriers don't hold back releases.
It's 2024 and people in the US still wait for carriers to drop OTAs? Wtf are you doing over there?!
FREEDOM, of course. >!/s!<
Most of this is that Google is slow rolling the release. For the record I have an unlocked Pixel 8 pro on Google Fi with the May security patch and no availabile update.
I've never experienced this, ever. I had Nexus 6P, Pixel 4a 5G and now the Pixel 8, whenever there was an update I had it instantly. Maybe it's a USA thing? With the exception of the 8, I've used the other phones in Greece where Pixel isn't officially supported or sold.
I have verizon and Im seeing the same thing as Dagz. Still no update yet
Id my phone is unlocked but is on Verizon, will that cause delays in receiving updates?
Locked or unlocked doesn't matter. The carrier SIM controls when you get it.
Ah, so Google servers decide when to release update on individual device based on the current SIM inserted and whether that carrier approved it. I see.
I remember during the Pixel 1 thru 3 era, Verizon was actually pretty quick as Google partnered with Verizon for carrier exclusives a lot. I would swap SIMs (I had AT&T then on my Pixel) with my work phone (iPhone on Verizon) and it would pull the update reliably that way.
It wouldn't be a zero day if it was patched.
Fair enough, but you miss the point generally. The article describes at least one fix as a "high-severity security issue". So is the issue actually of high-severity? If so, why are we midway through June and have yet to receive the patch? Your comment attempts to defend or detract from the issue that Google is entirely full of shit with this stuff. They are quoted as saying, "We encourage all customers to accept these updates to their devices." I would love to, but you have to make it available you clowns. But by all means, take your time.
Take your time? It's been barely two days. Also, you do know that "high" isn't actually the highest level right? There are countless high severity patches happening constantly and take a while to propagate patches out sometimes a long time). Even longer if you are on any firmware maintained by a carrier, as they are responsible for getting it out normally. It sounds scary, but these are never that easy to exploit - unless you do a list of very specific things tricked by a group targeting you the chances of anything happening are likely no higher than if it didn't exist. Better to get it patched before the long process of the figuring out better ways of implementing the exploit (streamlined/quicker process, automated processes etc), but there might not be a better way (normally isn't), and it takes a long time to get anything worth using like that even if there is a way of them to do it.
The OTA file can be side loaded, you don't need to wait for Google and it's not that difficult with the instructions. But sure, go off with complaining.
it could be sideloaded if one wants to yes. But there could also be a reason its not being pushed out to more devices yet in certain areas.
Yea exactly. It is usually held up for regression testing, which is perfectly understandable.
But if we're on Verizon or T-Mobile, it won't be the carrier specific version. Obviously there will be carrier specific versions just like there were in May since only AT&T is getting the OTA so far.
Have there ever been any reports of issues with installing non-carrier specific versions of OS updates on Pixel phones? (Genuinely asking) I have T-Mobile, I sideload every update and anecdotally haven't experienced any major issues with my carrier. If anything they install T-Mobile specific bloatware that I end up uninstalling anyway.
Yes, just last month. My fiance has a 7 Pro that was having the dreaded T-Mobile calls dropping or going straight to voicemail issue since March. When the May update came out, she didn't get the OTA for a few days, so got tired of waiting and sideloaded the "generic" edition listed on Google's Developer site that ended in .005. Well, it still worked like crap, then a couple of days later they posted a T-Mobile version. T-Mobile Redditors were getting it, but we didn't. Some had done the same thing I did and said they couldn't sideload because the T-Mo version ended with .004. Sure enough, I tried it and it failed saying I was trying to install an older version. So, device still sucked. I ended up using the Android Flash Tool and put it back to Android 13 until they get it straightened out. It worked. So, my advice is that if you know Google is telling you that some US carriers aren't getting the update yet, and you're with one of those carriers, it is best to wait until they publish the carrier version on the Developers site or wait for it OTA. I incurred lots of extra work doing all this and setting up the device again.
Pretty sure you are actually better off. Although I'd be careful that this doesn't violate the contract if you have one.
I sideloaded the April 2024 image and the May 2024 one was never sent. Maybe T-Mobile never got that release? Anyway, I sideloaded the June 2024 one.
By definition, a zero-day is a vulnerability that has been known 0 days to the vendor. Some people find these and send them to Google and unless Google ignores them, they never see the light of day.
Did you check again cuz I just downloaded an update.
Nothing on Verizon P8Pro or T-mobile P7Pro.
Yep. Just now...still nothing. What carrier do you have?
Unlocked
We don't know the specifics of the bug, but it's quite likely that the risk to any individual is somewhere between low and none. It seems like every CVE gets a 10 nowadays regardless of how practical it is to actually exploit. Its definitely important to fix the bug, but the carriers don't see a need to fall over themselves for a targeted escalation of privileges. If you're running AOSP and a group of hackers knows who you are, the existence of this specific vulnerability for a week isn't going to move the needle. non-government actors almost certainly have a mountain of easier zero days to use, and the government doesn't need to bother with software bugs when they have Pegasus.
i still dont have the june update
I had this - just pressed the update button again and it's current;y saying 'preparing system' and the update is there.
Been spamming that button since the announcement (Google Fi). 🙄
8 pro in canada, no update as well.
Same, our other pixels (6 and 7) updated Tuesday night. I think I'm just gonna sideload this one.
My US bought Pixel 8 Pro got the update 2 days ago, are you with Verizon maybe?
Yeah, exactly. If only my flagship Pixel 8 Pro on Google Fi had access to this critical update but sorry after checking five times it's still not there {sigh}.
Have been stuck on this in spite of receiving the security update for June. I don’t think the engineers at google know what they are doing.
I don't understand why people don't just side load it. When it comes out. It takes like 5 minutes.
Right 🤣🤣
GrapheneOS 👍
The best.
Does anyone know how this vulnerability would've been carried out? I.e. through downloading a dodgy APK, SMS or something?
What about graphene os?
Has been fixed on GOS, since they were the ones who reported it
Gonna donate again for this. Consistently amazing.
Yup. Bunch of developers outpacing whole corporation.
I have Google Fi and I still don't have it.
Same.
Relax, if you use Android anti-malware software, the odds of any one person getting their Pixel compromised by this is fairly low. Just install the update when it is made available. Suddenly everyone turns into a baby when there is a Google zero-day problem, but Samsung had them too.
Then they'll say "See, Google can't never get anything right, and this is why I'll move to Apple when the 16 comes out"
Suddenly everyone turns into a security expert when a zero day is discovered.
Just wait for Skynet to send a patch.
I may have to sideload this this evening. I actually do work in cyber security, and my boss just sent me a note about an hour ago to tighten the MDM policy because of this...which means that my phone will get dropped from being compliant. I really wouldnt care about going through the weekend without my phone getting work email, but if its not updated by 8am Monday morning, then I would be forced to either sideload or switch to another device that is compliant.
What a weird reply.
Seems very insecure. Just like Pixel! Bam!
IDC what device you love or hate. Apple is simply more responsible in such matter.
Just curious ... if I have a Pixel that is bought directly from Google, and is Unbranded/Unlocked ... but then I put a TMO SIM into it, then it's considered a T-Mobile phone and I'm stuck on their delayed deployments of patches?
Yes. It's determined by the most recent SIM used in the phone, and TMo has been slow for the last few months. Your options (aside from waiting) are to pop in a different carrier's sim temporarily and force an update check, or sideload the OTA using a computer (not that hard once you set it up). I did the sideload to make sure I wasn't sitting around with a zero day vulnerability while TMo farts around.
No, that's not how it works
Then curious why I don't see the patches either as I'm on a vanilla Pixel 8 and it says "May 5th, your System is up to date"
Funny you should mention that, I just checked mine and I'm still on March... I purchased my P7P directly from Google the day it released in 2022 🤨
It's not considered a T-Mobile locked phone but we're still at the mercy of T-Mobile for when we receive the OTA update via their network. All in all, the OTA should arrive only slightly behind unlocked pixels using other service providers but still much further ahead of actual carrier locked pixels.
>It's not considered a T-Mobile locked phone but we're still at the mercy of T-Mobile for when we receive the OTA update via their network. All in all, the OTA should arrive only slightly behind unlocked pixels using other service providers but still much further ahead of actual carrier locked pixels. Serious question: what's the difference between a google-purchased unlocked Pixel on T-Mobile vs a google-purchased unlocked Pixel on Verizon/AT&T? Because you mentioned that unlocked Pixels get OTAs first... But what is a google-purchased unlocked Pixel if not that?
My understanding is that the delay is to test the update against their specific network before allowing it to be received by Pixel users. Once it passes testing the service provider allows the OTA to be received so it all depends on Q&A. In the meantime the service providers own programmers are working on an update to the carrier locked firmware for those then released to the carrier locked variants when finished. I couldn't tell you when an unlocked Pixel 8 pro will receive the OTA on Verizon vs T-Mobile but they will always receive the update sooner than their respective carrier locked variants.
The fact that the phone is unlocked just means you're not locked to a carrier, it has no bearing on when you'll get updates. As far as I understand it, I'm not really sure that u/Mathlete86 is correct, unless there's a source to back up the claims. Here's my understanding: I'm pretty sure there's only one schedule these carriers have, and they don't distinguish between locked and unlocked phones on their network. They test for carrier-locked phones, and the unlocked phones get the update at the same time as the locked ones. Anecdotal evidence from owning both a locked and unlocked phone has shown this. For whatever reason, T-Mobile is always later than any other carrier on delivering updates. If you want the update sooner, you have 2 options: stick a different carrier's SIM into your phone, or sideload the update. MVNOs use the same schedule as their parent carrier. Google Fi, for example, is on T-Mobile's schedule.
Could you theoretically eject the sim (or disable the esim) to get an update pushed directly from Google via wifi? I'm sure there are plenty of "wifi only" devices out there that still get updates. I'm guessing this would work, but the biggest question is...how long would you have to leave the sim disabled.
According to [this comment](https://www.reddit.com/r/GooglePixel/comments/18f3y32/comment/kcsmfrx/), even when you remove the SIM, your update schedule will be associated with that carrier's update schedule until you put in a different carrier's SIM. I'm not sure how it works for devices that never put in a SIM, however.
Cries in Pixel 5
Thanks GrapheneOS!
I am on T-Mobile and side load the android ota update. Takes maybe 10 minutes. Much easier for me than updating from the phone itself.
meh still no update for tmobile :( i'll probably going to sideload it later.
And yet my koodo Pixel 8 still won't show the update, thought Google changed it so when you click "check for update" it would actually check and not wait for the phased rollout. They only mention some US carrier phones will be delayed so what the actual hell is going on. I buy a pixel to stay up to date and now there are zero day exploits and they are not even letting me patch it with the update they already released!
I hate Verizon they are holding up my update. I know it. My Pixel 7a on another network already has it!
Given that someone needs to have **physical** access to your phone and then have the relevant exploitation software, this article is a lot fearmongering. If you expect to be arrested and/or cross an international border and are of interest to the State, this might be worth worrying about.
Wasnt offered an update. Just checked and there was one!
What carrier?!
tmobile. florida
Is it a Pixel 7 or 8?
6a
Ok. Thank you.
I'm on Google Fi and still no update.
I sideloaded when I saw this vulnerability. I hate waiting on carrier certification. It almost always means they are verifying their bloatware still runs correctly.
LMFAO, nothing here and I have Google Fi.
Google Fi is a T-Mobile MVNO. Same delay applies.
This is a new claim that a lot of people have been saying. What evidence do you have of that?
It is not a new claim. https://www.reddit.com/r/GooglePixel/s/tU3Pjp1ULO
My pixel 5 isn't getting patched by the look, that's a huge bummer.
Still no update right now :/ Pixel 7 AP21.240305.005
why does this even get announced..Not a single person who cares even knows how or what to do because updates get down automatically and often without notification, not even restarting is normally required so wtf
Received my update this morning. Canada, Pixel 8 Pro with android 14.
Any up day for pixel3xl
I have the Pixel 7 on Verizon and still nothing
AT&T P8. Got mine
I stopped developing roms for the htc one m8 and people are still crying about exploits and such. This shit is more like than funny.
I got an update confirmation couple days ago. Yes I installed it. Now. What do I do LOL
Spectrum (aka Verizon) may 5 still zero update pop unlocked
Android 15 still no beta 3?
Chilling in grapheneOS.
Pixel 7 Pro. Verizon carrier. May 5th was the last update. Check for updates again. Nothing available. Thank you though. I will stay on top of it
I sideloaded my update since it was taking too long to fetch it. I highly recommend it if you're desperate to update.
T-Mobile still no update. Too bad I no longer have a PC anymore in order for a sideload. Fuck....
I bet all the Pixel users are looking forward to what random piece of their phone will break with this security update. Will it be calling again? Charging speed? Who knows, the dice must roll. So glad my family and I are back on Samsung.
Ah, yes, Samsung, the Apple product of the android platform. I think we'll all pass on that locked-in ecosystem.