Android users placed on red alert - you must check your settings 'immediately'

Daily Record

07-05-2025

A worrying new Android bug has been discovered and is already being used to target devices.
Android phone users have been warned to make sure their settings are fully up to date, due to a worrying bug targeting them.
The stark warning from security experts after the bug has been found hiding within this hugely popular operating system. Google has now fixed the error, but not before it was handed the dreaded zero-day stamp.
‌
That tag basically means the glitch has already been spotted by hackers and is being actively exploited in the wild. That's why it's so vital everyone makes a quick check without delay, reports the Mirror.
‌
Senior Security Strategy Manager EMEIA at firm Jamf, Adam Boynto said: 'The latest Android Security Bulletin contains a fix for an actively exploited vulnerability, CVE-2025-27363, therefore we advise all Android users to update their devices immediately."
Google always releases monthly patches, which usually fix minor bugs and glitches. However, sometimes the problems are a little more serious and that's why it's vital all phone users make sure they keep on top of installing updates.
'The fixed bug is an out-of-bounds memory vulnerability in the FreeType software,' Jamf's Boynton explained. 'FreeType is a core component of Android devices because it renders fonts and is therefore an attractive target for cybercriminals. Exploiting the vulnerability could allow an attacker to gain control of the entire system without requiring elevated privileges.
'Although this is a targeted attack, most likely targeting high-value individuals, we strongly recommend that all users update their Android OS. The bug has been exploited since March, and its zero-click nature means that criminals can exploit the vulnerability without the user even being aware.'
Google usually rolls out its updates to Pixel devices first with other manufacturers such as Samsung, OnePlus and Honor following soon after the initial release.
No matter what phone you have in your pocket. It's a good idea to head to the settings menu this week and make sure things are fully updated.
‌
Join the Daily Record WhatsApp community!
Get the latest news sent straight to your messages by joining our WhatsApp community today.
You'll receive daily updates on breaking news as well as the top headlines across Scotland.
No one will be able to see who is signed up and no one can send messages except the Daily Record team.
All you have to do is click here if you're on mobile, select 'Join Community' and you're in!
If you're on a desktop, simply scan the QR code above with your phone and click 'Join Community'.
We also treat our community members to special offers, promotions, and adverts from us and our partners. If you don't like our community, you can check out any time you like.
To leave our community click on the name at the top of your screen and choose 'exit group'.
If you're curious, you can read our Privacy Notice.
It comes as an urgent alert was issued to all Gmail users to be aware of a new and sophisticated scam that could compromise their personal data. Last month, an alarming rise in attacks aimed at stealing sensitive information was recorded as hackers target users.
Security experts from Malwarebytes have now stepped in with their warning about this menacing online threat from cybercriminals who are exploiting Google's infrastructure, crafting emails that convincingly seem to be sent directly from the tech firm.
The aim of these online crooks is to trick people into divulging their Google account credentials. Users are urged to exercise caution when checking their email accounts to avoid being deceived. You can read more here.