Security News > 2025 > March > Google's March 2025 Android Security Update Fixes Two Actively Exploited Vulnerabilities
2025-03-04 04:07
Google has released its monthly Android Security Bulletin for March 2025 to address a total of 44 vulnerabilities, including two that it said have come under active exploitation in the wild. The two high-severity vulnerabilities are listed below - CVE-2024-43093 - A privilege escalation flaw in the Framework component that could result in unauthorized access to "Android/data," "Android/obb,"
News URL
https://thehackernews.com/2025/03/googles-march-2025-android-security.html
Related news
- Zimbra Releases Security Updates for SQL Injection, Stored XSS, and SSRF Vulnerabilities (source)
- Qualcomm pledges 8 years of security updates for Android kit using its chips (YMMV) (source)
- Still Using an Older Version of iOS or iPadOS? Update Now to Patch These Critical Security Vulnerabilities (source)
- Google Confirms Android SafetyCore Enables AI-Powered On-Device Content Classification (source)
- Google Chrome's AI-powered security feature rolls out to everyone (source)
- SpyLend Android malware downloaded 100,000 times from Google Play (source)
- How Google tracks Android device users before they've even opened an app (source)
- Google fixes Android zero-day exploited by Serbian authorities (source)
- Google expands Android AI scam detection to more Pixel devices (source)
- Google Rolls Out AI Scam Detection for Android to Combat Conversational Fraud (source)
Related Vulnerability
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-11-13 | CVE-2024-43093 | Unspecified vulnerability in Google Android In shouldHideDocument of ExternalStorageProvider.java, there is a possible bypass of a file path filter designed to prevent access to sensitive directories due to incorrect unicode normalization. | 7.8 |