Google has confirmed that two serious Android vulnerabilities are being actively exploited. The flaws, according to the tech giant, “could allow remote denial-of-service attacks without requiring additional execution privileges.”
Just hours after Google’s disclosure, Samsung released its December security patch, which includes fixes for three critical vulnerabilities discovered by Google’s Project Zero team.
The two most pressing vulnerabilities, CVE-2025-48633 and CVE-2025-48572, are reportedly already under targeted exploitation “on a limited scale.” While Google stated that all Android manufacturers would receive patches by December 3, actual rollout depends on device makers and mobile carriers.
CISA reiterated its firm stance: users must install the security patch before the December 23 deadline “or cease using the device if no mitigation is available.”
What’s particularly concerning is that, of the two critical flaws listed by CISA, only one currently appears in Samsung’s official update list. As usual, Google will not release full technical details until most devices have been secured.
Samsung’s three specific vulnerabilities are linked to the libimagecodec.quram.so library - the same source of a critical emergency patch back in October. According to Project Zero, all three flaws allow “out-of-bounds memory access,” making them potentially exploitable in remote attacks.
Forbes noted that the risk is especially high given Samsung’s position as the world’s largest Android smartphone manufacturer. The vulnerabilities primarily affect devices using Samsung’s image processing library.
Google is expected to confirm its patch for Pixel devices within the week, while newer Galaxy models will receive their update within a few days. Older Samsung devices may have to wait longer.
CISA reiterated that its mission is to “help all organizations manage vulnerabilities and keep up with emerging threats.” The agency urged IT teams to treat the actively exploited vulnerability list as a priority remediation tool.
For general users, the message is clear: install the update as soon as it becomes available - especially before December 23. If no patch is offered for your device, CISA strongly recommends discontinuing use to avoid exposure to remote cyberattacks.
Du Lam
