Security News > 2023 > October > Android October security update fixes zero-days exploited in attacks
Google has released the October 2023 security updates for Android, addressing 54 unique vulnerabilities, including two known to be actively exploited.
CVE-2023-4211 is an actively exploited flaw impacting multiple versions of Arm Mali GPU drivers used in a broad range of Android device models.
Of the 54 fixes concerning Android 11 through 13, five are rated critical, and two concern remote code execution problems.
This update follows the standard system of releasing two patch levels: the first focuses on core Android components, while the second addresses the kernel and closed-source components.
That said, users of older Android systems are recommended to upgrade to a newer model or flash their device with a third-party Android distribution that offers security updates for their models.
Arm warns of Mali GPU flaws likely exploited in targeted attacks.
News URL
Related news
- Qualcomm pledges 8 years of security updates for Android kit using its chips (YMMV) (source)
- Google's March 2025 Android Security Update Fixes Two Actively Exploited Vulnerabilities (source)
- Microsoft shares workaround for Windows security update issues (source)
- Zimbra Releases Security Updates for SQL Injection, Stored XSS, and SSRF Vulnerabilities (source)
- Apple fixes zero-day exploited in 'extremely sophisticated' attacks (source)
- Apple fixes zero-day flaw exploited in “extremely sophisticated” attack (CVE-2025-24200) (source)
- Apple Patches Actively Exploited iOS Zero-Day CVE-2025-24200 in Emergency Update (source)
- PostgreSQL Vulnerability Exploited Alongside BeyondTrust Zero-Day in Targeted Attacks (source)
- Critical PostgreSQL bug tied to zero-day attack on US Treasury (source)
- Microsoft fixes Power Pages zero-day bug exploited in attacks (source)
Related Vulnerability
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-10-01 | CVE-2023-4211 | Use After Free vulnerability in ARM products A local non-privileged user can make improper GPU memory processing operations to gain access to already freed memory. | 5.5 |