326/68 Friday, September 5, 2025
Google has released the September 2025 Android security update, addressing a total of 120 vulnerabilities, including two zero-days currently under active exploitation: CVE-2025-38352 in the Linux Kernel and CVE-2025-48543 in the Android Runtime. Both flaws can be exploited for privilege escalation without requiring special permissions or user interaction.
In addition to these zero-days, Google fixed other security issues across the Framework and System, covering vulnerabilities such as remote code execution, privilege escalation, information disclosure, and denial-of-service. The update provides two patch levels—2025-09-01 and 2025-09-05—allowing Android device manufacturers flexibility to roll out updates quickly.
Google strongly urged both manufacturers and users to apply the latest security updates as soon as possible to minimize the risk of exploitation. The company also reminded that in August 2025, it had patched a critical vulnerability in Qualcomm chipsets, which was also being actively exploited in the wild.
Source https://thehackernews.com/2025/09/android-security-alert-google-patches.html
