Android users are urged to promptly update their devices to the latest operating system version to address two critical bugs recently confirmed by Google. These vulnerabilities have been assigned a zero-day rating, indicating that malicious actors are actively exploiting them. It is crucial for users to install the fix as soon as possible to mitigate potential risks.
The identified vulnerabilities, CVE-2025-38352 and CVE-2025-48543, target the kernel and Android Runtime, respectively. Exploiting these flaws could lead to device compromise and local privilege escalation without user interaction. While the attacks are currently limited in scope, all Android users are advised to update their systems immediately.
Google’s Pixel phones are expected to receive the update promptly, but users of other devices, like Samsung phones, may experience a delay as vendors adapt the changes for their specific devices. Regularly checking device settings and ensuring timely updates are recommended practices for Android phone users to enhance security and protect against potential threats.