{"id":211852,"date":"2025-12-02T19:16:23","date_gmt":"2025-12-02T19:16:23","guid":{"rendered":"https:\/\/www.europesays.com\/ie\/211852\/"},"modified":"2025-12-02T19:16:23","modified_gmt":"2025-12-02T19:16:23","slug":"google-issues-critical-update-for-all-android-users-attacks-confirmed","status":"publish","type":"post","link":"https:\/\/www.europesays.com\/ie\/211852\/","title":{"rendered":"Google Issues Critical Update For All Android Users\u2014Attacks Confirmed"},"content":{"rendered":"<p><img decoding=\"async\" class=\" top-image\" src=\"https:\/\/www.europesays.com\/ie\/wp-content\/uploads\/2025\/12\/1764702983_438_0x0.jpg\" alt=\"Google figure\" data-height=\"2670\" data-width=\"4000\" fetchpriority=\"high\" style=\"position:absolute;top:0\"\/><\/p>\n<p>Google confirms Android attacks.<\/p>\n<p>LightRocket via Getty Images<\/p>\n<p>Google has suddenly <a class=\"color-link\" href=\"https:\/\/source.android.com\/docs\/security\/bulletin\/2025-12-01\" target=\"_blank\" rel=\"nofollow noopener noreferrer\" data-ga-track=\"ExternalLink:https:\/\/source.android.com\/docs\/security\/bulletin\/2025-12-01\" aria-label=\"confirmed\">confirmed<\/a> Android is under attack, rushing out fixes for two vulnerabilities \u201cthat could lead to remote denial of service with no additional execution privileges needed.\u201d Manufacturers will receive new source code \u201cwithin 48 hours.\u201d<\/p>\n<p>Google says there are \u201cindications\u201d that CVE-2025-48633 and CVE-2025-48572 \u201cmay be under limited, targeted exploitation.\u201d In addition to the two zero-days, more than 100 other patches are included in December\u2019s bumper update.<\/p>\n<p><a class=\"embed-base color-body color-body-border link-embed embed-2\" href=\"https:\/\/www.forbes.com\/sites\/zakdoffman\/2025\/12\/01\/iphone-and-android-vpn-ban-is-suddenly-real-do-this-instead\/\" target=\"_blank\" aria-label=\"\u2018Disaster\u2019\u2014iPhone And Android VPN Ban \u2018Actually Happening\u2019\" data-ga-track=\"forbesEmbedly:https:\/\/www.forbes.com\/sites\/zakdoffman\/2025\/12\/01\/iphone-and-android-vpn-ban-is-suddenly-real-do-this-instead\/\" rel=\"nofollow noopener\">Forbes\u2018Disaster\u2019\u2014iPhone And Android VPN Ban \u2018Actually Happening\u2019By Zak Doffman<\/a><\/p>\n<p>Both the high-severity exploited vulnerabilities affect Android\u2019s framework, and could lead to \u201cremote denial of service with no additional execution privileges needed.\u201d It seems almost certain that some form of malicious spyware is behind the exploits. Google will not issue any further detail until updates have been released.<\/p>\n<p>The fact that Google has issued the update on the first day of the month is notable. That it includes so many fixes is attributable to Google\u2019s new process, whereby omnibus quarterly updates group fixes leaving the intervening months relatively clear. That said, the zero days would have been patched immediately anyway.<\/p>\n<p>Neither vulnerability had been added to the U.S. cyber defense agency\u2019s <a class=\"color-link\" href=\"https:\/\/www.cisa.gov\/known-exploited-vulnerabilities-catalog\" target=\"_blank\" rel=\"nofollow noopener noreferrer\" data-ga-track=\"ExternalLink:https:\/\/www.cisa.gov\/known-exploited-vulnerabilities-catalog\" aria-label=\"Known Exploited Vulnerability\">Known Exploited Vulnerability<\/a> catalog by the end of Monday. You can expect both to be included within 24 to 48 hours, along with CISA\u2019s usual update mandate.<\/p>\n<p>The December update was also added late in the day to <a class=\"color-link\" href=\"https:\/\/security.samsungmobile.com\/securityUpdate.smsb\" target=\"_blank\" rel=\"nofollow noopener noreferrer\" data-ga-track=\"ExternalLink:https:\/\/security.samsungmobile.com\/securityUpdate.smsb\" aria-label=\"Samsung\u2019s security page\">Samsung\u2019s security page<\/a>. Again, you want this update quickly, given its seriousness. Unfortunately most Samsung users won\u2019t get these updates any time soon. <a class=\"color-link\" href=\"https:\/\/www.forbes.com\/sites\/zakdoffman\/2025\/07\/24\/googles-unbeatable-pixel-update-leaves-samsung-behind-again\/\" data-ga-track=\"InternalLink:https:\/\/www.forbes.com\/sites\/zakdoffman\/2025\/07\/24\/googles-unbeatable-pixel-update-leaves-samsung-behind-again\/\" target=\"_self\" aria-label=\"Unlike Pixel\" rel=\"nofollow noopener\">Unlike Pixel<\/a> (and iPhone), it takes the course of the whole month to get updates across Samsung\u2019s entire install base.<\/p>\n<p><a class=\"embed-base color-body color-body-border link-embed embed-3\" href=\"https:\/\/www.forbes.com\/sites\/zakdoffman\/2025\/12\/01\/apple-ios-262-release-date-is-iphones-next-update-delayed\/\" target=\"_blank\" aria-label=\"Apple iOS 26.2 Release Date\u2014Is iPhone\u2019s Next Update Delayed?\" data-ga-track=\"forbesEmbedly:https:\/\/www.forbes.com\/sites\/zakdoffman\/2025\/12\/01\/apple-ios-262-release-date-is-iphones-next-update-delayed\/\" rel=\"nofollow noopener\">ForbesApple iOS 26.2 Release Date\u2014Is iPhone\u2019s Next Update Delayed?By Zak Doffman<\/a><\/p>\n<p>Users are urged to check their Android OEM instructions and apply the new update as soon as it\u2019s made available. While this attacks are highly targeted, such exploits have a nasty habit of expanding their outreach and getting chained with other flaws.<\/p>\n<p>If your Android phone is <a class=\"color-link\" href=\"https:\/\/www.forbes.com\/sites\/zakdoffman\/2025\/11\/04\/samsung-and-google-issue-update-warning-no-fix-for-1-billion-users\/\" data-ga-track=\"InternalLink:https:\/\/www.forbes.com\/sites\/zakdoffman\/2025\/11\/04\/samsung-and-google-issue-update-warning-no-fix-for-1-billion-users\/\" target=\"_self\" aria-label=\"no longer eligible\" rel=\"nofollow noopener\">no longer eligible<\/a> for security updates, you should consider an upgrade. The scale of December\u2019s release is a good reminder of why that\u2019s so critical.<\/p>\n","protected":false},"excerpt":{"rendered":"Google confirms Android attacks. LightRocket via Getty Images Google has suddenly confirmed Android is under attack, rushing out&hellip;\n","protected":false},"author":2,"featured_media":211853,"comment_status":"","ping_status":"","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[257],"tags":[16110,5226,115747,41208,115746,18,19,17,279,45404,82],"class_list":{"0":"post-211852","1":"post","2":"type-post","3":"status-publish","4":"format-standard","5":"has-post-thumbnail","7":"category-mobile","8":"tag-android-attack","9":"tag-android-security","10":"tag-android-update-warning","11":"tag-android-vs-iphone","12":"tag-android-zero-day","13":"tag-eire","14":"tag-ie","15":"tag-ireland","16":"tag-mobile","17":"tag-samsung-vs-pixel","18":"tag-technology"},"share_on_mastodon":{"url":"https:\/\/pubeurope.com\/@ie\/115651581595003688","error":""},"_links":{"self":[{"href":"https:\/\/www.europesays.com\/ie\/wp-json\/wp\/v2\/posts\/211852","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.europesays.com\/ie\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.europesays.com\/ie\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.europesays.com\/ie\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/www.europesays.com\/ie\/wp-json\/wp\/v2\/comments?post=211852"}],"version-history":[{"count":0,"href":"https:\/\/www.europesays.com\/ie\/wp-json\/wp\/v2\/posts\/211852\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.europesays.com\/ie\/wp-json\/wp\/v2\/media\/211853"}],"wp:attachment":[{"href":"https:\/\/www.europesays.com\/ie\/wp-json\/wp\/v2\/media?parent=211852"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.europesays.com\/ie\/wp-json\/wp\/v2\/categories?post=211852"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.europesays.com\/ie\/wp-json\/wp\/v2\/tags?post=211852"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}