Android’s December 2025 Updates Patch Two Zero-Days
Google on Monday released new security updates for Android users, warning that two of the resolved vulnerabilities have been exploited in attacks.
The exploited zero-days, tracked as CVE-2025-48633 and CVE-2025-48572, impact the platform’s Framework component and could be exploited for information disclosure or elevation of privilege, respectively.
Google has refrained from sharing additional information on the two security defects, except that they impact Android versions 13, 14, 15, and 16.
Given the internet giant’s phrasing, both flaws might have been exploited by a commercial spyware vendor.
The issues were addressed in the first part of Android’s December 2025 security update, which arrives on devices as the 2025-12-01 security patch level, and which contains patches for 51 vulnerabilities in the Framework and System components.
“The most severe of these issues is a critical security vulnerability in the Framework component that could lead to remote denial of service with no additional execution privileges needed,” Google’s advisory reads.
The fresh Android update resolves a total of 107 bugs; the second part of the update, the 2025-12-05 security patch level, contains fixes for all of them.
The patches also target the kernel, along with Arm, Imagination Technologies, MediaTek, Unisoc, and Qualcomm components.
This month, there are no flaws addressed in Google Play system updates, and no security patches included in the Android Automotive OS and Wear OS security bulletins.
Devices running a security patch level of 2025-12-05 or later contain fixes for all vulnerabilities resolved with the December 2025 updates and previous Android patches.
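For fleet triage, the two patch levels described above can be turned into a simple check. The following is an added example, not code from Google's advisory or the original article; it assumes an inventory that records each device's Android major version and the patch level string it reports (for instance from the `ro.build.version.security_patch` system property), and the status names and sample devices are constructed for illustration.

```python
import re
from collections import defaultdict
from datetime import date

# Dates and version numbers below come from the article.
FRAMEWORK_FIX_SPL = date(2025, 12, 1)  # Framework/System fixes, incl. both zero-days
FULL_FIX_SPL = date(2025, 12, 5)       # adds kernel and vendor component fixes
AFFECTED_VERSIONS = {13, 14, 15, 16}   # versions listed for the two zero-days

def parse_spl(value):
    """Return the patch level as a date, or None if the string is malformed."""
    match = re.fullmatch(r"(\d{4})-(\d{2})-(\d{2})", value.strip())
    if not match:
        return None
    try:
        return date(*(int(part) for part in match.groups()))
    except ValueError:  # syntactically valid but impossible date, e.g. month 13
        return None

def classify(android_version, spl):
    """Map one device's Android version and patch level to a triage status."""
    level = parse_spl(spl)
    if level is None:
        return "unknown"  # do not guess; these devices need a manual look
    if level >= FULL_FIX_SPL:
        return "fully-patched"
    if level >= FRAMEWORK_FIX_SPL:
        return "partially-patched"  # zero-days fixed, kernel/vendor fixes missing
    if android_version in AFFECTED_VERSIONS:
        return "exposed-to-exploited-zero-days"
    return "missing-december-update"

def triage(inventory):
    groups = defaultdict(list)
    for device_id, android_version, spl in inventory:
        groups[classify(android_version, spl)].append(device_id)
    return dict(groups)

# Constructed sample inventory: (device id, Android major version, reported SPL).
SAMPLE_INVENTORY = [
    ("dev-001", 14, "2025-11-05"),
    ("dev-002", 15, "2025-12-01"),
    ("dev-003", 16, "2025-12-05"),
    ("dev-004", 13, "unknown"),
]

if __name__ == "__main__":
    print(triage(SAMPLE_INVENTORY))
```

Devices in the `unknown` group are kept separate rather than treated as patched, since a missing or malformed patch level says nothing about which fixes are installed.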
This article was published by Security Week. Please check their website for the original content.