Android users are advised to promptly update their devices with the latest operating system version following the release of a critical update by Google. The update addresses two significant bugs that have been classified as zero-day vulnerabilities, indicating that hackers are already aware of and actively exploiting these flaws.
While the number of affected users is believed to be limited, the potential risks associated with these vulnerabilities are substantial. One of the flaws, identified as CVE-2025-38352, impacts the kernel of the operating system, which serves as a crucial interface between hardware and software. Exploiting this vulnerability could lead to compromising the device’s security.
The other bug, identified as CVE-2025-48543, allows attackers to achieve local privilege escalation without requiring any user interaction. This vulnerability, situated within the Android Runtime, poses a significant risk due to its potential to go undetected by defenders. Consequently, it is strongly recommended that all Android users apply the update immediately to mitigate these security risks.
While Google’s Pixel phones are expected to receive the update promptly, devices from manufacturers like Samsung may experience a delay in receiving the patch as vendors adapt the changes for their specific devices. Users are urged to regularly check their device settings and ensure that their Android operating system is up to date to safeguard against potential threats.