Android Issues Security Update to Patch Actively Exploited 0-Day Flaws

Google has released a critical Android Security Bulletin for September 2025, addressing multiple high-severity vulnerabilities that are currently being actively exploited in the wild.

The security patch level 2025-09-05 or later is required to protect Android devices from these serious threats.

The security bulletin reveals that two CVEs are under limited, targeted exploitation, making this update particularly urgent for Android users worldwide.

The most severe vulnerability affects the System component and could enable remote code execution without requiring any additional privileges or user interaction.

Critical Vulnerabilities Under Active Exploitation

According to Google’s security assessment, the vulnerability’s severity rating assumes that platform and service mitigations are disabled for development purposes or have been successfully bypassed by attackers. This indicates the potential for serious compromise if exploited successfully.

The security update addresses vulnerabilities across multiple Android components, with particular focus on the Android Runtime and System components.