Android users are urged to promptly update their devices with the latest operating system version to address two critical bugs recently confirmed by Google. These vulnerabilities have been classified as zero-day, indicating that malicious actors are actively exploiting them. While the extent of the attacks is believed to be limited, experts emphasize the importance of immediate action.
The identified flaws, CVE-2025-38352 and CVE-2025-48543, impact the kernel and Android Runtime, respectively. The former could lead to device compromise, while the latter enables privilege escalation without user interaction, posing significant risks. Security professionals recommend all Android users to update their systems without delay to mitigate these threats.
While Google Pixel phones are expected to receive the update promptly, devices from other manufacturers, like Samsung, may experience delays as they adapt the changes for their systems. It is crucial for Android users to regularly check for updates in their device settings to ensure optimal security.
At Reach and its affiliates, user data may be collected for site improvement and personalized advertising through cookies and device identifiers. Opt-out options are available, and user consent to these practices is assumed through the use of services provided.