Security News > 2025 > March > Google's March 2025 Android Security Update Fixes Two Actively Exploited Vulnerabilities
2025-03-04 04:07
Google has released its monthly Android Security Bulletin for March 2025 to address a total of 44 vulnerabilities, including two that it said have come under active exploitation in the wild. The two high-severity vulnerabilities are listed below - CVE-2024-43093 - A privilege escalation flaw in the Framework component that could result in unauthorized access to "Android/data," "Android/obb,"
News URL
https://thehackernews.com/2025/03/googles-march-2025-android-security.html
Related news
- Google Releases Android Update to Patch Two Actively Exploited Vulnerabilities (source)
- Still Using an Older Version of iOS or iPadOS? Update Now to Patch These Critical Security Vulnerabilities (source)
- Update ASAP: Google Fixes Android Flaw (CVE-2025-27363) Exploited by Attackers (source)
- Google fixes Android zero-days exploited in attacks, 60 other flaws (source)
- Google's got a hot cloud infosec startup, a new unified platform — and its eye on Microsoft's $20B+ security biz (source)
- Google adds Android auto-reboot to block forensic data extractions (source)
- Android Improves Its Security (source)
- Windows "inetpub" security fix can be abused to block future updates (source)
- Google Reports 75 Zero-Days Exploited in 2024 — 44% Targeted Enterprise Security Products (source)
- Google fixes actively exploited FreeType flaw on Android (source)
Related Vulnerability
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-11-13 | CVE-2024-43093 | Unspecified vulnerability in Google Android In shouldHideDocument of ExternalStorageProvider.java, there is a possible bypass of a file path filter designed to prevent access to sensitive directories due to incorrect unicode normalization. | 7.8 |