It’s been awhile since the KRACK vulnerability was discovered. Since then, almost every other manufacturer has taken immediate actions and rectified the issue with updates for their devices. Google as well addressed the concern in the most recent November security update. Or did they? Apparently not.
Despite mentioning in the official security bulletin and publicly acknowledging the fix, Google still hasn’t patched the critical vulnerability on its Pixel, Nexus, and even the latest Pixel 2 smartphones. It was supposed to be included in the November 5 security update but on being asked, Android’s Director of Security, Adrian Ludwig, clarified in a reply on Google Plus stating “The 11/5 update for Pixel does not include the patches for KRACK — those will be in the next security update“.
Ludwig, however, didn’t mention when exactly the “next security update” will be available. My guess is it shouldn’t take long, perhaps within the week. This is quite a baffling circumstance for Google’s phones as they are primarily known for their regular updates in the market. What’s more worrying here is that Google didn’t itself revealed this error. It could be, of course, just a misprint and there’s also a good chance Google just missed it.
Interestingly, other phone makers such as Apple, Samsung, Essential have already rolled out the patches. Google has already faced a lot of flak since the Pixel 2 launch as reviewers continued to highlight its the display’s dull colors and poor quality when compared to others. Fortunately, the former seems to be fixed with the latest update through software. Google added a few more presets for forcing the screen to show relatively more vibrant colors.