
Mitigating 0-Click Audio Exploits on Pixel 9: A Guide for SOC Teams

Security Arsenal Team
April 2, 2026

The concept of a "zero-click" exploit is often viewed as the pinnacle of sophisticated attack chains. No user interaction is required—no link clicked, no file downloaded. The exploit simply arrives, often via a messaging app, and executes. Google Project Zero's recent analysis of the Pixel 9 ecosystem highlights a critical vulnerability in how modern Android devices handle incoming audio messages.

For security operations (SOC) teams and mobile fleet managers, this serves as a stark reminder that the attack surface extends far beyond the web browser or email client. It lies in the background processes that transcribe voicemails and process media files automatically.

Technical Analysis

The research identified a chain of 0-click security issues centered on the audio attack surface of the Pixel 9. Specifically, the vulnerability arises because incoming audio messages are parsed and decoded automatically, before any user interaction occurs.

Affected Components:

  • Google Messages: The application utilizes a feature where incoming audio messages are transcribed automatically to provide users with text previews.
  • Dolby UDC (Universal Decoder Component): A component often involved in high-quality audio processing on mobile devices.
  • com.google.android.tts: On the Pixel 9, a secondary text-to-speech process was found to decode incoming audio messages, likely related to searchability or accessibility features.

The Vulnerability: The automatic transcription feature necessitates that untrusted, incoming audio data be parsed and decoded by complex native code (C/C++). Project Zero discovered that memory corruption vulnerabilities within these audio decoders—specifically within the Dolby UDC and the TTS processing pipeline—could be triggered remotely. By sending a specifically crafted audio file, an attacker can execute arbitrary code on the device without the user ever having to click or answer the call.

Severity: Critical. This allows for Remote Code Execution (RCE) with the privileges of the respective processes, potentially leading to full device compromise.

Patching Status: Google and device manufacturers typically address these issues via monthly security patches. Organizations must ensure devices are updated to the latest security patch level that addresses these specific memory corruption flaws in the audio framework.

Defensive Monitoring

Detecting 0-click exploits is notoriously difficult because there is no user action to trigger an alert. However, defenders can monitor the behavior of the specific processes involved in the attack chain.

SIGMA Rules

The following SIGMA rules are designed to detect suspicious behavior from the audio transcription components on Android endpoints whose process and file telemetry is ingested into a SIEM.

YAML
---
title: Suspicious Child Process Spawned by Android TTS Service
id: a1b2c3d4-5678-90ab-cdef-1234567890ab
status: experimental
description: Detects the Google Text-to-Speech service spawning unexpected child processes, which may indicate an exploit attempt leading to code execution.
references:
  - https://projectzero.google/2026/01/pixel-0-click-part-3.html
author: Security Arsenal
date: 2026/01/20
tags:
  - attack.execution
  - attack.t1059
  - attack.initial_access
logsource:
  category: process_creation
  product: android
detection:
  selection:
    ParentImage|endswith: '/com.google.android.tts'
  filter:
    # Sigma has no "notcontains" modifier; exclusions are expressed as a
    # separate selection negated in the condition.
    Image|contains:
      - '/system/bin'
      - '/apex/com.android.art/'
  condition: selection and not filter
falsepositives:
  - Legitimate accessibility features spawning standard utilities
level: high
---
title: Google Messages Processing Suspicious Audio Codecs
id: b2c3d4e5-6789-01ab-cdef-2345678901bc
status: experimental
description: Detects Google Messages process accessing or decoding audio files from suspicious locations or with unusual extensions prior to user interaction.
references:
  - https://projectzero.google/2026/01/pixel-0-click-part-3.html
author: Security Arsenal
date: 2026/01/20
tags:
  - attack.initial_access
  - attack.t1190
logsource:
  category: file_event
  product: android
detection:
  selection:
    Image|endswith: '/com.google.android.apps.messaging'
    TargetFilename|contains:
      - '/Download/'
      - '/cache/'
    TargetFilename|endswith:
      - '.wav'
      - '.amr'
      - '.m4a'
  condition: selection
falsepositives:
  - User playing legitimate audio messages
level: medium
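To check that the two rules fire on the events they are meant to catch and stay quiet on the rest, here is an added Python evaluator of the same logic run over constructed Android process_creation and file_event records. It is example code, not from the original post; the field names follow the rules above and the sample paths and process names are invented.

```python
from typing import Dict, List, Tuple

TRUSTED_CHILD_PREFIXES = ("/system/bin", "/apex/com.android.art/")
SUSPECT_DIRS = ("/Download/", "/cache/")
AUDIO_SUFFIXES = (".wav", ".amr", ".m4a")


def tts_spawn_is_suspicious(event: Dict[str, str]) -> bool:
    """Rule 1: parent is the TTS service and the child image is not under a
    trusted system prefix ('selection and not filter')."""
    if not event.get("ParentImage", "").endswith("/com.google.android.tts"):
        return False
    image = event.get("Image", "")
    return not any(prefix in image for prefix in TRUSTED_CHILD_PREFIXES)


def messaging_audio_access(event: Dict[str, str]) -> bool:
    """Rule 2: Google Messages touches an audio file under Download/ or cache/;
    the directory and the extension condition must both hold."""
    if not event.get("Image", "").endswith("/com.google.android.apps.messaging"):
        return False
    target = event.get("TargetFilename", "")
    return any(d in target for d in SUSPECT_DIRS) and target.endswith(AUDIO_SUFFIXES)


def run_rules(events: List[Dict[str, str]]) -> List[Tuple[str, str]]:
    """Returns (rule name, matched value) for every event that fires a rule."""
    hits: List[Tuple[str, str]] = []
    for e in events:
        if e.get("category") == "process_creation" and tts_spawn_is_suspicious(e):
            hits.append(("tts_unexpected_child", e["Image"]))
        elif e.get("category") == "file_event" and messaging_audio_access(e):
            hits.append(("messages_audio_in_cache", e["TargetFilename"]))
    return hits


# Constructed sample telemetry (not real device logs)
SAMPLE_EVENTS = [
    {"category": "process_creation", "ParentImage": "/proc/com.google.android.tts",
     "Image": "/data/local/tmp/stage2"},                       # fires rule 1
    {"category": "process_creation", "ParentImage": "/proc/com.google.android.tts",
     "Image": "/system/bin/sh"},                               # suppressed by the filter
    {"category": "file_event", "Image": "/proc/com.google.android.apps.messaging",
     "TargetFilename": "/data/user/0/com.google.android.apps.messaging/cache/voice.amr"},  # rule 2
    {"category": "file_event", "Image": "/proc/com.google.android.apps.messaging",
     "TargetFilename": "/storage/emulated/0/Music/track.mp3"},  # wrong dir and extension
]

if __name__ == "__main__":
    for rule, value in run_rules(SAMPLE_EVENTS):
        print(f"{rule}: {value}")
```

The second sample shows the cost of the /system/bin exclusion: a shell started from that directory is suppressed too, so baseline the utilities the TTS service legitimately spawns on your fleet before trusting the prefix wholesale.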

KQL (Microsoft Sentinel/Defender)

For organizations using Microsoft Defender for Endpoint on Android, the following KQL queries can help identify suspicious activities related to the audio transcription services.

KQL — Microsoft Sentinel / Defender
// Detect unusual process creation by com.google.android.tts
DeviceProcessEvents
| where InitiatingProcessFileName =~ "com.google.android.tts"
| where FileName !in~("app_process64", "app_process32", "dex2oat64")
| project Timestamp, DeviceName, InitiatingProcessFileName, FileName, ProcessCommandLine, FolderPath
| order by Timestamp desc

// Identify Google Messages accessing files in cache directories
DeviceFileEvents
| where InitiatingProcessFileName =~ "com.google.android.apps.messaging"
| where FolderPath contains "cache"
| project Timestamp, DeviceName, InitiatingProcessFileName, ActionType, FilePath, SHA256
| order by Timestamp desc

Velociraptor VQL

Velociraptor can be used to hunt for the presence of the vulnerable packages and inspect running processes on mobile endpoints.

VQL — Velociraptor
-- Hunt for the specific TTS package version and check permissions
SELECT
  package_name AS PackageName,
  version_name AS Version,
  version_code AS VersionCode,
  request_permissions AS Permissions
FROM android_packages()
WHERE package_name = 'com.google.android.tts'

-- Monitor running processes for the specific audio decoders
-- (pslist() exposes the command line as CommandLine; =~ is a regex match)
SELECT Pid, Ppid, Name, Exe, Username, CommandLine
FROM pslist()
WHERE Name =~ 'tts'
   OR Name =~ 'dolby'
   OR Exe =~ 'udc'

Bash (Remediation/Verification)

If you have shell access (via ADB) to devices for auditing, you can use the following script to check the installed version of the Google TTS engine.

Bash / Shell
#!/bin/bash

# Check version of com.google.android.tts via ADB
PACKAGE="com.google.android.tts"

# Check if package is installed: match the whole "package:<name>" line so a
# longer package name with the same prefix is not mistaken for it
if adb shell pm list packages | tr -d '\r' | grep -qx "package:$PACKAGE"; then
    echo "[+] Package $PACKAGE found."
    # Get version info
    adb shell dumpsys package "$PACKAGE" | grep "versionName"
else
    echo "[-] Package $PACKAGE not found."
fi

# Check for Dolby audio components (often vendor specific)
adb shell pm list packages | grep -i dolby

Remediation

To protect your organization against this and similar 0-click audio threats, implement the following measures:

  1. Patch Immediately: Ensure all Pixel devices and other Android handsets are updated to the latest security patch level released by the vendor. Specifically, verify that the January 2026 (or later) security bulletin is applied, which addresses the memory corruption in the audio stack.
  2. Disable Auto-Transcription via MDM: If your Mobile Device Management (MDM) solution supports it, create a configuration profile to disable "Live Caption" or automatic transcription features in Google Messages. While this impacts user convenience, it effectively closes the 0-click attack vector by requiring user interaction to play the audio.
  3. Network Segmentation: Ensure mobile devices operating on untrusted networks (Guest Wi-Fi, cellular data) cannot directly access sensitive internal resources. Use a Mobile Secure Web Gateway or ZTNA solution to inspect traffic.
  4. Application Vetting: Monitor the installation of alternative messaging apps that may implement their own audio decoding stacks, potentially introducing un-vetted code into the environment.
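To turn the ADB checks above and remediation step 1 into a pass/fail verdict per device, here is an added Python helper (example code, not from the original post) that parses the output of `adb shell getprop ro.build.version.security_patch` and `adb shell dumpsys package com.google.android.tts`. The baseline date and the sample output are constructed assumptions; take the real patch level from the vendor bulletin.

```python
import re
from datetime import date
from typing import Dict, Optional

# Assumed baseline: first patch level of the January 2026 bulletin. Replace with
# the date from the bulletin that fixes the audio-stack memory corruption.
MIN_PATCH_LEVEL = date(2026, 1, 5)
TTS_PACKAGE = "com.google.android.tts"


def parse_security_patch(getprop_output: str) -> Optional[date]:
    """ro.build.version.security_patch is printed as YYYY-MM-DD."""
    try:
        return date.fromisoformat(getprop_output.strip())
    except ValueError:
        return None


def parse_package_version(dumpsys_output: str) -> Dict[str, Optional[str]]:
    """Pull versionName and versionCode out of `dumpsys package <pkg>` output."""
    name = re.search(r"versionName=(\S+)", dumpsys_output)
    code = re.search(r"versionCode=(\d+)", dumpsys_output)
    return {"versionName": name.group(1) if name else None,
            "versionCode": code.group(1) if code else None}


def assess_device(getprop_output: str, dumpsys_output: str) -> Dict[str, object]:
    """Combine both checks into one verdict: patched to baseline, TTS present."""
    patch = parse_security_patch(getprop_output)
    pkg = parse_package_version(dumpsys_output)
    return {
        "security_patch": patch.isoformat() if patch else None,
        "patched": patch is not None and patch >= MIN_PATCH_LEVEL,
        "tts_installed": pkg["versionName"] is not None,
        "tts_version": pkg["versionName"],
    }


# Constructed ADB output for a device still on a December 2025 patch level;
# the TTS version numbers are invented.
SAMPLE_GETPROP = "2025-12-05\n"
SAMPLE_DUMPSYS = """Package [com.google.android.tts] (1a2b3c4):
    userId=10042
    versionCode=210012345 minSdk=26 targetSdk=35
    versionName=21.0.12.345
"""

if __name__ == "__main__":
    print(assess_device(SAMPLE_GETPROP, SAMPLE_DUMPSYS))
```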
