Update Android now as critical vulnerabilities are confirmed.
Google has published the January Android security bulletin, and it’s bad news for users of Android 12 through 15, or good news, depending on your glass-half-full position, as several critical security vulnerabilities have been confirmed and fixed. “The most severe of these issues is a critical security vulnerability in the System component,” Google said, “that could lead to remote (proximal/adjacent) code execution with no additional execution privileges needed.” Here’s what all Android users need to know and do.
Android Security Bulletin Confirms Critical Vulnerabilities
The latest Android security bulletin was published on Jan. 6 and contains confirmation of a number of security vulnerabilities that impact devices running the Android operating system. The bulletin itself includes details of varying technical depth covering each of the vulnerabilities grouped by the components they affect. The severity rating attached to each of these is based, Google said, on the impact that an exploit might have on any affected device, assuming platform and service mitigations are “turned off for development purposes or if successfully bypassed.” Needless to say, all Android users are urged to check their devices and ensure that they update to the latest version: security patch level 2025-01-05 or later.
The Critical Android Security Vulnerabilities
There were five critical security vulnerabilities found impacting the Android system component, namely:
Although very little technical detail has been released regarding these vulnerabilities, it is not unusual as Google looks to give users time to update their devices before releasing such details in the hope of preventing exploitation. You will see the same technical explanation reservations when it comes to Google Chrome security updates, for example. It has, however, been reported that “devices running Android 12 through Android 15 are particularly vulnerable,” and, as such, users are warned to update as soon as is possible.
Mitigating The Android Security Threat
“Exploitation for many issues on Android is made more difficult by enhancements in newer versions of the Android platform,” Google said, recommending “all users to update to the latest version of Android where possible.” The Android security team also actively monitors for malicious activity through Google Play Protect which is enabled by default on devices with Google Mobile Services.