A mystery security flaw has led the US government to ask staff to upgrade their Google Pixel phones right away.

The major hole, which apparently originates from a problem in the Android operating system, has already been fixed by Google, albeit they did not disclose any information about how it may be exploited.

The government alert stated, "Android Pixel contains an unspecified vulnerability in the firmware that allows for privilege escalation." "Use mitigations as directed by the vendor, or stop using the product if mitigations are not available."

This security flaw is known as a zero-day exploit, which means that hackers were able to launch cyberattacks before any countermeasures were implemented.

The vulnerability, referred to as CVE-2024-32896, puts Pixel owners at risk of having their phone hijacked if they do not update their phones to the latest version.

Android-based operating system GrapheneOS warned that the security vulnerability is not limited to Pixel phones, though these are the first to receive the update. Other Android users will likely receive an update in August.

According to Google, the exploit has already been used in targeted attacks, though no details were given about who was targeted and how.

The Independent has reached out to Google for further information.

The firmware security patch also has fixes for a further 49 vulnerabilities relating to both hardware and software components.

Google Pixel phones can be updated within the device’s Settings app, with software updates typically taking anywhere from a few minutes to half an hour, depending on how new the smartphone is.

“We encourage all customers to accept these updates to their devices,” Google said in its Pixel update bulletin for June 2024.

US National Institute of Standards and Technology said that government employees must update their Google Pixel devices by 4 July or stop using the smartphones.