Google Closes Android Security Vulnerability Exploited by Hackers
Google has released the May security update for Android, addressing a total of 46 vulnerabilities in the smartphone OS. Attackers may have already actively exploited a particularly severe security flaw. Users need to update their devices to the latest version.
Critical Android Security Flaw Exploited by Hackers
The May 2025 Security Bulletin addresses several vulnerabilities in the Android system and framework, as well as Google Play updates. The most dangerous of these is identified as CVE-2025-27363 and affects the open-source program library FreeType. An error in text rendering can allow local malicious code to be executed without additional execution rights and without user interaction.
ADVERTISEMENT
Google warns: 'There are indications that CVE-2025-27363 may be exploited in a limited and targeted manner.' However, specific details about the attack methods or affected targets are not known. The vulnerability has a CVSS base score of 8.1, making it highly dangerous.
Error in Font Processing
The alert about the Android security flaw came in March 2025 from Facebook, which also provided evidence of active exploitation online. It is an out-of-bounds write error that occurs when processing TrueType GX and variable font files, allowing the injection of malicious code. The vulnerability affects only older FreeType versions prior to 2.13.1.
Users Must Install Current Security Patch
To address the vulnerabilities, the installation of the May 2025 Android security patch is required. It has been available since May 5 for compatible smartphone models. Installation requires at least Android 13. Older versions of the operating system no longer receive security updates from Google.
The post Google Closes Android Security Vulnerability Exploited by Hackers appeared first on TECHBOOK.
Hashtags
Try Our AI Features
Explore what Daily8 AI can do for you:
Comments
No comments yet...
Related Articles
Yahoo
an hour ago
- Yahoo
Google slugged $55m over Telstra, Optus deal
Tech giant Google has agreed to pay a $55m fine for a deal with Australia's major telcos aimed at reducing search competition. According to the ACCC, the deal involved Telstra and Optus pre-installing only Google Search on Android phones the telcos sold to consumers. In return, Telstra and Optus would receive a share of the revenue generated from ads displayed to consumers via Google Search on these devices. The ACCC said by pre-installing Google Search engines on these devices, the telcos and tech giant engaged in anticompetitive business practices. The ACCC said the breaches in competition laws occurred between December 2019 and March 2021. Google admitted that this relationship with the telcos substantially lessened competition, the ACCC said. The proceedings started on Monday in the Federal Court, with Google admitting liability and agreeing to pay $55m. 'Conduct that restricts competition is illegal in Australia because it usually means less choice, higher costs or worse service for consumers,," ACCC chair Gina Cass-Gottlieb said. Telstra, Optus and TPG last year agreed with the ACCC not to enter into new search exclusive deals with Google. 'Today's outcome, along with Telstra, Optus and TPG's undertakings, have created the potential for millions of Australians to have greater search choice in the future and for competing search providers to gain meaningful exposure to Australian consumers,' Ms Cass-Gottlieb said. The three telcos could configure search services on a device-by-device basis and in ways that may not align with Google settings, the ACCC said. It said Google didn't agree with all of the ACCC's concerns but gave an undertaking to address them.
Forbes
3 hours ago
- Forbes
Amazon's App Store Decision—48 Hours To Delete Your Apps
You have been warned. Amazon has confirmed that 'starting August 20, 2025, you will no longer have access to the Amazon Appstore on your Android device.' That's just 48 hours from now. The retail giant says it will now focus its efforts on its own devices. For anyone who has installed an app from the store, this is a potential security threat and you need to act before the deadline. All apps must be deleted. Per Android Police, 'once no longer supported, apps downloaded via the Amazon Appstore "will not be guaranteed to operate on Android devices." That means no support, which not only risks apps becoming 'highly unstable' but also means any security vulnerabilities will not be patched. While Amazon's advice is to install replacement or replica apps from Google's Play Store, you actually need to do more than that. Any apps you may have installed from Amazon's store need to be deleted. If they remain on your phone in an unsupported state, then it outs your device and your data at risk. Amazon also confirms that 'we will also be discontinuing the Amazon Coins program on August 20, 2025.' Those who have used the store and still have Amazon Coins will see those refunded, albeit details on how and when that will be done seem scarce. Android users should focus on Play Store only for apps, it remains your best bet when it comes to security safeguards and works in tandem with Android's core OS and the Play ecosystem that underpins it. That includes Play Protect, which protects your phone from dangerous apps from any source. It's also worth noting that Google is pushing a wider clampdown in third-party stores with its new Advanced Protection Mode, albeit Amazon would no doubt have been seen as an official store for all phones had it continued longer term.
Yahoo
3 hours ago
- Yahoo
Australian regulator sues Google over anti-competitive Search deals
(Reuters) -Australia's competition regulator said on Monday it has begun proceedings against Alphabet's Google over its past deals with telecom operators Telstra and Optus for the pre-installation of Google Search on Android mobile phones. Google has cooperated with the regulator, admitted liability and agreed to jointly submit to the Federal Court that it should pay a total penalty of A$55 million ($35.8 million), the Australian Competition and Consumer Commission (ACCC) said. ($1 = A$1.5349)
