Written By Shubham Arora
Published By: Shubham Arora | Published: Dec 24, 2025, 12:33 AM (IST)
Android security alert
Google has issued a fresh security warning for Android users, confirming that two serious vulnerabilities are already being exploited and that a large section of devices will not receive fixes. The disclosure comes as part of Google’s December Android security bulletin and highlights a growing gap between supported and unsupported phones.
According to Google, there are “indications” that two flaws, tracked as CVE-2025-48633 and CVE-2025-48572, are being used in limited, targeted attacks. While the initial use appears focused, Google cautioned that such exploits often spread once details become public.
The warning follows a turbulent period for mobile security. Shortly after Google’s disclosure, the company also flagged an active Chrome-related threat. Around the same time, Apple issued its own alert, stating that Apple users were being targeted by mercenary spyware, underlining how widespread these threats have become across platforms.
Security firm SOCRadar explains that CVE-2025-48633 affects the Android Framework and allows information disclosure. In simple terms, the first issue could allow an attacker to see data that is normally kept separate inside the system. By itself, the issue is unlikely to let someone take full control of a phone. However, it can lower the system’s defences and make it easier for attackers to combine it with other flaws.
The second vulnerability, CVE-2025-48572, poses a bigger risk. It can let a harmful app access permissions it was never meant to have, giving it deeper control over the device than Android is designed to allow. That lets attackers break out of Android’s app sandbox and move closer to system-level control.
Google has released patches for both vulnerabilities and distributed them to Android manufacturers, including Samsung. However, the fixes are only available for devices running Android 13, 14, 15, and 16.
That leaves a major portion of users exposed. More than 30% of Android phones globally still run Android 12 or older. For these devices, no official fix is coming. Even for supported phones, updates depend on manufacturers rolling them out and users installing them promptly, which often takes weeks or longer.
For roughly one billion Android users on unsupported versions, the risk is ongoing, with no security patch expected in the future.