Google’s Latest Patch Fixes 62 Security Vulnerabilities in Android
Google has released the April 2025 Android Security Bulletin , which includes fixes for 62 vulnerabilities affecting Android devices. According to Google, the two patches address critical zero-day flaws that could be used in “limited, targeted” attacks. Zero-days are security vulnerabilities that are exploited before the software developer can discover the bug and release a fix.
The April security update includes fixes for a number of issues, many of which are related to privilege escalation, as well as vulnerabilities in components from Qualcomm, MediaTek, Arm and Imagination Technologies.
Two serious feats
One of the zero-day exploits (designated CVE-2024-53197) is an escalation of privilege vulnerability in the Linux kernel USB audio driver for ALSA devices. According to Bleeping Computer , this vulnerability was identified by Amnesty International’s Security Lab in 2024 as part of a chain (along with one vulnerability patched in February and another patched in March) used by Serbian police to target activists.
Another zero-day vulnerability (labeled CVE-2024-53150) is an information disclosure vulnerability in the Android kernel that allows local attackers to access data without the device user’s involvement.
If you are an Android user, you should ensure that your device has the latest update.
How to update your Android
Google is releasing patches for both its Pixel phones and the underlying Android Open Source Project (AOSP) code, and is also notifying other device makers like Samsung, Motorola and Nokia in advance so they can release updates around the same time. If you’re on Android, you should receive a notification to install the update when it becomes available.
You can also go to About Phone or About Tablet > Android Version to make sure your device is running the latest version and check the update status (under System > Software Update or System Update ). If a fix is required, follow the instructions to download and install updates.
Any device running Android 10 or later can receive both security and Google Play system updates. This fix package applies to AOSP versions 13, 14, and 15 and is divided into two parts, the most recent of which is dated April 5, 2025.