Make sure you have the latest Android Security Update installed on your phone
CVE-2025-38352 affects the Android Kernel, or the brains of the Android operating system. The kernel keeps everything running smoothly. The vulnerability took place in the part of the Android system that handles the alarm clocks built into apps that make sure certain things are done at certain times. When two parts of the system try to clear the timers simultaneously, bad things can happen, and a hacker could use this flaw to access higher-level controls that could allow him to take control of deeper parts of the system.
Google, as noted, fixed this with a patch in the September 2025 Android update that was recently released. To make sure that your Android phone has been updated, go to Settings > About Phone > Android version > Android security update. If it says September 5, 2025, or later, this flaw is patched on your phone. If not, update your phone immediately.
The second flaw is CVE-2025-48543, which featured a serious flaw in Android Runtime (ART). This is the part of the phone that runs apps, and the vulnerability is a memory handling mistake. This is compared to a hotel that rents out a room, turns over the key, deletes the room, but forgets to cancel the key. A hacker with that key could still enter the room and take it over.
A hacker could develop a malicious app that exploits this vulnerability to get higher permissions than it should have. As a result, system processes that only Google or your phone manufacturer would normally control could be controlled by the malicious app resulting in access to your personal data and app credentials such as passwords.
As we mentioned earlier in the story, Google thinks that these flaws have been exploited, although these attacks could be limited to targeted Android users such as journalists, government workers, and activists.
What you should do now
What is worrisome is that Google says that CVE-2025-38352 and CVE-2025-48543 can be exploited without user interaction. This means that you do not have to tap on a specific link, open an attachment, or even click “Allow” on a permission box. Once the malware is on your phone, often in the form of a malicious app, you do not need to do anything to make the attack succeed.
This type of attack is concerning. Let’s say that you find a coloring app on your phone that seems like fun. Normally, after you install the app on your phone, such malware might try to trick you into opening a link or pressing a button. But with this type of malicious app, it can run its attack in the background without you having to press or do anything to activate it once it is downloaded on your device.
What you need to do now is:
- Update your phone.
- Make sure that you have the latest Security update versions on your phone.
- Run only trusted apps. Do not sideload apps from third-party app storefronts.
- Keep Google Play Protect enabled to help catch malicious apps before they cause serious issues for you.
You might not take these monthly security updates seriously. Even if you don’t, you really should take the time to install the latest release every month.
“Iconic Phones” is coming this Fall!
Good news everyone! Over the past year we’ve been working on an exciting passion project of ours and we’re thrilled to announce it will be ready to release in just a few short months.
