Google Project Zero's latest research on the Pixel 9 has unveiled a sophisticated 0-click attack surface centered on audio processing. This is not a theoretical exercise; the ability to exploit a device without any user interaction—specifically via the innocuous act of receiving an audio message—represents a critical failure in our current mobile security models. For SOC analysts and CISOs, this highlights a blind spot in telemetry: background processing of untrusted data.
The attack leverages the automatic transcription features in Google Messages, specifically targeting the Dolby UDC (Universal Dynamic Codec) and the com.google.android.tts (Text-to-Speech) process. When an audio message arrives, these components decode and transcribe the content before the user ever interacts with the device. If an attacker sends a maliciously crafted audio file, they can trigger a vulnerability in this parsing chain, leading to remote code execution (RCE) with zero user clicks.
Technical Analysis
Affected Products & Platforms:
- Platform: Android (specifically Google Pixel 9)
- Application: Google Messages (default SMS app)
- Key Components: Dolby UDC, com.google.android.tts
Vulnerability Details:
While the specific CVE numbers are detailed in the full advisory, the core issue is a memory corruption vulnerability within the audio parsing libraries. Project Zero identified that the Dolby UDC is part of the 0-click attack surface because it handles audio transcription. Furthermore, the com.google.android.tts process independently decodes incoming audio, potentially expanding the attack surface or offering an alternative exploitation path.
Attack Chain:
- Delivery: The attacker sends a specially crafted audio message (MMS/RCS) to the target Pixel 9 device.
- Processing: Google Messages automatically receives the message.
- Trigger: The operating system triggers automatic transcription.
- Exploitation: The Dolby UDC or com.google.android.tts parses the malicious audio stream, triggering a buffer overflow or memory corruption flaw.
- Execution: Code is executed in the context of the audio processor, potentially escalating privileges.
Exploitation Status: Technical research has demonstrated this exploit chain on Pixel 9. While widespread in-the-wild exploitation has not been confirmed at the time of writing, the technical capability exists, and the barrier to entry for sophisticated threat actors is low given the 0-click nature.
Detection & Response
Detecting 0-click exploits on mobile endpoints is notoriously difficult due to the lack of user interaction (no click, no UI event). However, defenders can hunt for abnormal relationships between the messaging application and the audio processing services.
Sigma Rules
```yaml
---
title: Potential 0-Click Audio Exploit - Google Messages Spawning TTS
id: 550d9a23-0f72-4e3a-a8c5-1d2f3b4c5d6e
status: experimental
description: Detects Google Messages spawning the Google TTS process unexpectedly, which could indicate processing of a malicious audio file as part of a 0-click chain.
references:
  - https://projectzero.google/2026/01/pixel-0-click-part-3.html
author: Security Arsenal
date: 2026/01/15
tags:
  - attack.initial_access
  - attack.t1190
logsource:
  category: process_creation
  product: android
detection:
  selection:
    ParentProcessName|contains: 'com.google.android.apps.messaging'
    Image|contains: 'com.google.android.tts'
  condition: selection
falsepositives:
  - Legitimate users listening to audio messages
level: low
---
title: Google Messages Interaction with Dolby UDC
id: 7a3f1c82-9e4b-4d67-bc12-3e5a8f901234
status: experimental
description: Detects execution of Dolby processes initiated by Google Messages, relevant to the 0-click audio exploit chain on Pixel 9.
references:
  - https://projectzero.google/2026/01/pixel-0-click-part-3.html
author: Security Arsenal
date: 2026/01/15
tags:
  - attack.initial_access
  - attack.t1190
logsource:
  category: process_creation
  product: android
detection:
  selection:
    ParentProcessName|contains: 'com.google.android.apps.messaging'
    Image|contains: 'dolby'
  condition: selection
falsepositives:
  - Legitimate audio playback on supported devices
level: medium
```
**KQL (Microsoft Sentinel / Defender for Endpoint)**
```kql
DeviceProcessEvents
| where Timestamp > ago(7d)
| where InitiatingProcessFileName has 'com.google.android.apps.messaging'
| where FileName has 'com.google.android.tts' or FileName has 'dolby'
| project Timestamp, DeviceName, AccountName, FileName, InitiatingProcessCommandLine, SHA256
| order by Timestamp desc
```
**Velociraptor VQL**
```vql
-- Hunt for active TTS or Dolby processes that may be processing untrusted audio
SELECT Pid, Name, Exe, Username, Cwd, StartTime
FROM pslist()
WHERE Name =~ 'com.google.android.tts'
   OR Name =~ 'com.google.android.apps.messaging'
   OR Name =~ 'dolby'
```
**Remediation Script (Bash for ADB)**
```bash
#!/bin/bash
# Verify patch level for Pixel 9 0-click Audio Vulnerability
# This script checks the Android Security Patch Level

# Function to check security patch
check_patch_level() {
    # Strip the carriage return that adb shell can append to its output
    PATCH_LEVEL=$(adb shell getprop ro.build.version.security_patch | tr -d '\r')
    echo "Current Security Patch Level: $PATCH_LEVEL"

    # An empty value means no device answered; do not report a verdict
    if [[ -z "$PATCH_LEVEL" ]]; then
        echo "[ERROR] Could not read patch level. Is a device connected and authorized?"
        return 2
    fi

    # Check if patch is before January 2026
    # Note: Adjust date logic based on vendor advisory release date
    # String comparison works because the value is formatted YYYY-MM-DD
    if [[ "$PATCH_LEVEL" < "2026-01" ]]; then
        echo "[WARNING] Device is vulnerable. Patch level is before January 2026."
        echo "[ACTION] Apply the latest Android Security Update immediately."
        return 1
    else
        echo "[INFO] Device patch level appears current."
        return 0
    fi
}

# Function to check Google Messages version (heuristic)
check_messages_version() {
    echo "Checking Google Messages version..."
    adb shell dumpsys package com.google.android.apps.messaging | grep versionName
}

check_patch_level
check_messages_version
```
Remediation
- Patch Immediately: The primary remediation is to apply the January 2026 Android Security Update (or later) provided by Google. This patch contains the fixes for the vulnerabilities in the audio parsing libraries.
- Update Google Messages: Ensure the Google Messages application is updated to the latest version from the Google Play Store, as fixes within the application logic may also be deployed independently of OS patches.
- Disable Audio Transcription (Workaround): Until patching is complete, users can disable the automatic transcription feature in Google Messages to reduce the attack surface:
  - Open Google Messages > Settings > Suggestions > Turn off "Show transcription".
- Verify MDM Compliance: For enterprise fleets, enforce strict Minimum Patch Level policies via your EMM/MDM solution to ensure devices meet the January 2026 baseline.
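
A fleet-wide version of the patch-level check, as an added example (not Security Arsenal's or Google's code): it classifies devices from an inventory export against the January 2026 baseline and reports missing or malformed patch levels as unknown instead of compliant. The CSV column names and device rows are constructed for illustration and do not follow any particular EMM/MDM schema.

```python
import csv
import io
import re
from datetime import date

# Baseline from the remediation guidance above (January 2026 update).
BASELINE = date(2026, 1, 1)

# ro.build.version.security_patch is reported as YYYY-MM-DD.
_PATCH_RE = re.compile(r"^(\d{4})-(\d{2})-(\d{2})$")


def parse_patch_level(raw):
    """Return the patch level as a date, or None if missing or malformed."""
    match = _PATCH_RE.match((raw or "").strip())
    if not match:
        return None
    try:
        return date(*map(int, match.groups()))
    except ValueError:  # e.g. month 13
        return None


def audit_fleet(inventory_csv, baseline=BASELINE):
    """Map each device_id to 'compliant', 'below_baseline' or 'unknown'."""
    results = {}
    for row in csv.DictReader(io.StringIO(inventory_csv)):
        level = parse_patch_level(row.get("security_patch"))
        if level is None:
            status = "unknown"  # fail closed: never count as compliant
        elif level < baseline:
            status = "below_baseline"
        else:
            status = "compliant"
        results[row["device_id"]] = status
    return results


# Constructed sample export; column names are assumptions.
SAMPLE_INVENTORY = """device_id,model,security_patch
px9-001,Pixel 9,2026-01-05
px9-002,Pixel 9,2025-12-05
px9-003,Pixel 9 Pro,
px9-004,Pixel 9, 2026-01-05
px9-005,Pixel 9,2026-13-01
"""

if __name__ == "__main__":
    for device, status in audit_fleet(SAMPLE_INVENTORY).items():
        print(f"{device}: {status}")
```

Devices reported as `unknown` need a manual check before they are counted toward the baseline.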