Google has released fixes for 107 vulnerabilities. Photo: Shutterstock

Urgent security fix rolls out

The December 2025 security bulletin from Google is heavier than usual. The tech giant has issued patches for 107 vulnerabilities, affecting everything from the core Android framework to chip components by Qualcomm and MediaTek.

While many of the fixes are part of routine maintenance, three issues have been labeled as especially critical. According to Google’s official release, two high-severity flaws are currently being exploited:

CVE-2025-48572: A privilege escalation vulnerability in the Android Framework that could allow attackers to gain deeper access than permitted.

CVE-2025-48633: An information disclosure flaw that may allow unauthorized access to private data.

Additionally, Google patched CVE-2025-48631, a severe bug that could let attackers remotely crash or reboot a device without user intervention. As usual, Google has withheld technical details to prevent copycat attacks but described the exploits as “limited and targeted.”

Why this update is especially important

The phrase "targeted attacks" often suggests the involvement of spyware or campaigns aimed at high-profile individuals. However, this doesn’t mean the average user is safe.

In fact, the severity of the flaws prompted the United States Cybersecurity and Infrastructure Security Agency (CISA) to add them to its list of mandatory updates, ordering all federal agencies to patch affected devices by December 23.

This situation once again highlights the persistent fragmentation of Android updates compared to Apple’s streamlined approach. When Apple identifies a zero-day exploit, it can push a "Rapid Security Response" to nearly every iPhone simultaneously.

With Android, unless you own a Pixel phone, you typically have to wait for your device manufacturer (such as Samsung or Motorola) and your carrier to approve the update. This delay creates a dangerous window between patch availability and actual delivery to users.

This is one of those moments when you should not swipe away the update notification. While the wait for updates from manufacturers can be frustrating, the current level of risk makes this update a top priority.

If you're using a Pixel device, the patch is likely already available in your settings. If you're on a Samsung Galaxy or another Android phone, you may need to wait a few more days. Unfortunately, this delay comes even as attacks are already underway.

Historically, "limited" attacks have often escalated rapidly once exploit code leaks or is replicated. Therefore, applying the update as soon as possible remains your safest move. In the meantime, users should exercise caution with sensitive apps - especially those involving banking or e-wallets.

Hai Phong