Google has just fixed critical security vulnerabilities in Android. Some of them are already being used by hackers to attack phones. An update A quick update is essential to stay protected.
Android smartphones are often the target of hacking campaigns that go unnoticed. These attacks rely on security flaws, sometimes invisible to the user, but which allow hackers to access the phone's files or take control of them remotely. To limit these threats, Google publishes monthly updates that address those identified in the system. But some vulnerabilities are discovered when they are already being exploited by malicious groups.
In its security update As of April 2025, Google is patching 62 vulnerabilities spread across several components of the Android system. Two of them are particularly worrying because they have been identified in real-life attacks. Referenced CVE-2024-53150 and CVE-2024-53197, they affect the USB subsystem of the Linux kernel used by Android. They allow, respectively, recovery of confidential data and gaining extensive access to the system without authorization. According to the company's blog, no user action is required for an attack to work.
Two critical flaws in Android have already been exploited to hack smartphones
Both vulnerabilities share a severity score of 7.8 on the CVSS scale, indicating a high risk level. CVE-2024-53197 had already was identified in a targeted attack against an activist in Serbia in late 2024. According to Amnesty International, this flaw was part of a chain of three vulnerabilities used to bypass all device protections. Google has gradually patched the other elements of this attack in its previous monthly updates.
With the April update, the three flaws used in this type of attack are now patched. The risk of this method being reused is therefore greatly reduced, provided users install the patch. As always, distribution depends on Android phone manufacturers. To check if it's available, simply open Settings, then go to System > System Update, and run a search. Installing it as soon as it appears helps protect against invisible and hard-to-detect attacks.
0 Comments