Android Users Urged to Update Now: Two Zero-Day Exploits Under Active Attack
Android devices are getting a critical security update this month, with Google releasing patches to address a staggering 120 vulnerabilities. Among these fixes are two 'zero-day' flaws that are already being actively exploited in the wild, meaning attackers are using them to target Android users. Security experts strongly recommend installing the September 2025 Android security update as soon as possible.

Google just dropped its September 2025 security updates, and they're packing a punch. We're talking about fixes for a whopping 120 security flaws in the Android operating system. But the real kicker? Google says two of these vulnerabilities have already been exploited in targeted attacks.
So, what are these risky flaws?
- CVE-2025-38352 (CVSS score: 7.4) - A privilege escalation vulnerability lurking in the Linux Kernel component.
- CVE-2025-48543 (CVSS score: N/A) - Another privilege escalation flaw, this time in the Android Runtime component.
Google's being pretty tight-lipped, but they did say that both of these bugs could let attackers escalate their privileges locally without needing extra permissions. Even scarier, no user interaction is needed to pull off the exploit!
The big question: How are these vulnerabilities being used in the wild? Google isn't spilling all the beans, but they acknowledged indications of "limited, targeted exploitation." So, yeah, someone's definitely using them.
Apparently, Benoît Sevens from Google's Threat Analysis Group (TAG) found and reported the Linux Kernel flaw. This suggests it might be tied to those targeted spyware attacks we keep hearing about.
Beyond these critical issues, the update also tackles remote code execution, privilege escalation, information disclosure, and denial-of-service vulnerabilities across Framework and System components. It's a real mixed bag of nasty stuff.
To give Android partners some breathing room, Google's rolling out two security patch levels: 2025-09-01 and 2025-09-05. This lets them prioritize fixes that are common across different Android devices.
"Android partners are encouraged to fix all issues in this bulletin and use the latest security patch level," Google urged.
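To check where a device stands against the two patch levels above, here is an added example (not from Google or the bulletin). It relies on the usual Android bulletin convention that a device reporting the later level or newer carries every fix in the bulletin, while a device on the earlier level has only the first subset. The inventory format, function names and device serials are constructed for illustration.

```shell
#!/bin/sh
# Added example: classify Android security patch levels against the two
# September 2025 levels named in the article (2025-09-01 and 2025-09-05).
# On a live device the value comes from:
#   adb shell getprop ro.build.version.security_patch | tr -d '\r'

PARTIAL_LEVEL=20250901   # 2025-09-01: first subset of the bulletin
FULL_LEVEL=20250905      # 2025-09-05: all issues in the bulletin

# classify_patch_level YYYY-MM-DD
# Prints: invalid | outdated | partial | complete
classify_patch_level() {
    case "$1" in
        [0-9][0-9][0-9][0-9]-[0-9][0-9]-[0-9][0-9]) ;;
        *) echo invalid; return 0 ;;
    esac
    # ISO dates compare correctly as integers once the dashes are removed.
    n=$(printf '%s' "$1" | sed 's/-//g')
    if [ "$n" -ge "$FULL_LEVEL" ]; then
        echo complete
    elif [ "$n" -ge "$PARTIAL_LEVEL" ]; then
        echo partial
    else
        echo outdated
    fi
}

# audit_inventory: reads "serial patch_level" lines on stdin, prints every
# device that is not at the complete level, and returns 1 if any were found.
audit_inventory() {
    rc=0
    while read -r serial level; do
        [ -n "$serial" ] || continue
        state=$(classify_patch_level "$level")
        if [ "$state" != complete ]; then
            echo "$serial $level $state"
            rc=1
        fi
    done
    return $rc
}

# Constructed sample inventory (serials and levels are made up).
SAMPLE_INVENTORY='emulator-5554 2025-09-05
R58M000001 2025-09-01
PIXEL00002 2025-08-05
TABLET0003 unknown'

printf '%s\n' "$SAMPLE_INVENTORY" | audit_inventory || true
```

Devices reported as `partial` have some of this month's fixes but not the full bulletin, so they still need the later patch level.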
Just last month, Google released fixes for a couple of Qualcomm vulnerabilities (CVE-2025-21479 and CVE-2025-27038) that the chipmaker said were already being actively exploited. It seems like the security team is constantly playing whack-a-mole!