Some Pixel 6a customers have still NOT received the March Security Updates, but this is new?
https://googleprojectzero.blogspot.com/2023/03/multiple-internet-to-baseband-remote-rce.html?m=1
The date of the post you cite is yesterday, so the vulnerability is either new or newly disclosed. If one is sufficiently concerned, turning off WiFi calling is an option but turning off VoLTE (even if possible) would render a phone unusable as a phone. With 3G networks in the U.S. retired, VoLTE (Voice over LTE) is required.
I find two things in the source interesting:
- Generally, Samsung uses Exynos chips in phones intended for markets outside the U.S.
- The suggested fix of turning off WiFi calling and VoLTE would render one’s phone useless in the U.S.
The combination of these factors cause me to wonder if this is something aimed at non-U.S. users but I can’t be certain.
Turning off Wifi Calling is easy enough, but I could not find a way to disable VoLTE, and like you said, the phone would probably cease making calls altogether at that point.
This one was kind of scary:
“any vehicles that use the Exynos Auto T5123 chipset.”
What vehicles use the Exynos Auto T5123 chipset?
My family has three Pixel 6s (just plain 6, not a, not Pro). When manually updating two of the three phones downloaded and installed the March update. The third phone is on February and says there are no updates available.
My guess is that they’re still doing a phased rollout to spot potential issues.