Google Patches Actively Exploited Zero-Day Vulnerabilities

Summary
– Google’s December Android Security Bulletin disclosed 107 zero-day vulnerabilities affecting its mobile OS and the Android Open Source Project (AOSP).
– The initial advisory on December 1 provided patches for 51 flaws, with 37 in the framework and 14 in the system, and the remaining 56 patches due on December 5.
– Two high-severity information disclosure flaws (CVE-2025-48633 & CVE-2025-48572) are noted as potentially under limited, targeted exploitation, affecting Android versions 13 through 16.
– A critical vulnerability (CVE-2025-48631) in the Android Framework could lead to remote denial of service without requiring additional execution privileges.
– The upcoming December 5 patches will address 56 vulnerabilities in core Android components like the kernel and third-party components from Arm, MediaTek, and Qualcomm.
Google has released a critical security update addressing over a hundred vulnerabilities in its Android operating system. The December security bulletin details patches for 51 initial flaws, with more fixes scheduled for release. Among these, three specific vulnerabilities demand immediate attention from users and administrators due to their active exploitation potential and severe impact.
The bulletin highlights two high-severity information disclosure flaws within the Android framework, identified as CVE-2025-48633 and CVE-2025-48572. Google has indicated these vulnerabilities are likely being used in limited, targeted attacks. Both affect a wide range of Android versions, including 13, 14, 15, and 16. The exploitation of CVE-2025-48633 can lead to the unauthorized exposure of sensitive data, while CVE-2025-48572 could allow an attacker to obtain elevated privileges on a compromised device. As of now, these specific flaws have not yet been cataloged by CISA’s Known Exploited Vulnerabilities list, but their active threat status makes patching urgent.
A third significant issue patched in this update is a critical remote denial-of-service vulnerability tracked as CVE-2025-48631. This flaw resides in the Android Framework and is particularly dangerous because an attacker could trigger it without needing any special execution privileges, potentially rendering a device unresponsive.
The initial set of 51 patches addresses issues in the Android framework and system components. A subsequent update planned for December 5 will deliver an additional 56 fixes. These forthcoming patches will target vulnerabilities in core Android components like the kernel, as well as in third-party hardware and software from major vendors including Arm, Imagination Technologies, MediaTek, Qualcomm, and Unisoc. This comprehensive update underscores the ongoing challenge of securing complex mobile ecosystems that rely on multiple technology providers.
For optimal device security, users are strongly advised to install these security updates as soon as they become available through their device manufacturer or carrier. The disclosure of actively exploited flaws makes applying these patches a critical defensive action against potential real-world attacks.
(Source: InfoSecurity Magazine)