Android phone users are urged to stay vigilant as a critical bug has been discovered within the popular operating system. Security experts warn that the bug, recently fixed by Google, had reached zero-day status, indicating active exploitation by hackers in the wild. To safeguard against potential threats, all Android users are advised to promptly update their devices.
The vulnerability, identified as CVE-2025-27363, was described by Adam Boynton, Senior Security Strategy Manager EMEIA at Jamf, as an out-of-bounds memory flaw within the FreeType software, a crucial component responsible for font rendering on Android devices. Exploiting this vulnerability could grant attackers control over the system without requiring elevated privileges. Despite being a targeted attack primarily aimed at high-value individuals, all users are strongly recommended to update their Android OS immediately. The bug, exploited since March, poses a serious risk due to its zero-click nature, allowing criminals to exploit the vulnerability discreetly.
Google typically releases monthly patches to address various issues, emphasizing the importance of regular updates to enhance device security. While updates are initially rolled out to Pixel devices, other manufacturers like Samsung, OnePlus, and Honor follow suit shortly after the initial release. Regardless of the phone model, it is crucial for users to verify that their devices are running the latest software versions by accessing the settings menu.
In compliance with data privacy regulations, Reach and its affiliates utilize cookies and other identifiers to enhance site functionality, analyze usage patterns, and provide personalized advertisements. Users can manage their data sharing preferences by clicking the “Do Not Sell or Share my Data” button on the webpage. By using the website and services, users consent to the application of cookies and acknowledge the practices outlined in the Privacy Notice and Cookie Policy.
