Google Patches Critical Android Zero-Day Security Flaws Exploited by Hackers

Here's why you should download the latest Android update on your Pixel smartphone right away.

Written by David Delima | Updated: 9 April 2025 14:04 IST

Google Patches Critical Android Zero-Day Security Flaws Exploited by Hackers

Google Pixel owners who install the latest updates should be protected against the flaws

Highlights

Google has fixed 62 security flaws affecting Android smartphones
Two of these vulnerabilities were critical zero-day security flaws
Google says one of the flaws could be exploited without user interaction

Google has fixed two zero-day security flaws affecting Android devices, with the latest security update that began rolling out to users on Monday. The company says it is aware of the possibility of these two high-severity vulnerabilities being exploited to target users. One of the flaws enables a zero-click exploit that provides hackers with access to sensitive information on a user's device, without requiring any user interaction. Users should update their Pixel devices to make sure that they have the latest security patches, while other smartphone users will have to wait until their smartphone maker rolls out these fixes.

Google Fixes 62 Vulnerabilities Affecting Android Devices

The latest Android security update began rolling out to eligible devices on Monday, along with fixes for two flaws identified as CVE-2024-53150 and CVE-2024-53197, two flaws in the USB subcomponent o f the Android Kernel. The latter could allow hackers to remotely gain elevated privileges on an affected smartphone, and the exploit did not need user interaction, according to Google.

The CVE-2024-53197 was used in conjunction with two other vulnerabilities that were previously patched — CVE-2024-53104 and CVE-2024-50302 — to access an Android smartphone used by a Serbian activist, according to a report. Users with updated smartphones should be protected against such an exploit.

Google Fixes Critical Zero-Day Security Flaw Affecting Google Chrome

There's no word from Google on how the CVE-2024-53150 vulnerability was used to target users. The description of the security flaw on the NIST database reveals that an out-of-bounds flaw discovered in the USB subcomponent of the Android Kernel could result in sensitive information disclosure.

Meanwhile, Google's Android security bulletin for April also reveals that 60 other security vulnerabilities with varying severity ratings have been patched with the latest update. These include a handful of high-severity flaws that allowed hackers to gain elevated privileges on an unpatched smartphone.

This Crypto Malware Infected Several Apps on the Play Store, App Store

Google Pixel users can download the latest Android update to their smartphone, which should bring the security patch to 05-04-2024. Other smartphone users will have to wait for a few weeks (or months in some cases) for the relevant security updates to reach their handsets in the form of a security update. Regardless, users should install the latest security patches as soon as they are available in order to remain protected against the two critical vulnerabilities patched by Google.

Comments

For the latest tech news and reviews, follow Gadgets 360 on X, Facebook, WhatsApp, Threads and Google News. For the latest videos on gadgets and tech, subscribe to our YouTube channel. If you want to know everything about top influencers, follow our in-house Who'sThat360 on Instagram and YouTube.

Further reading: Google, Android, Security Vulnerabilities, Security Flaws, Android Security

David Delima

Email David Delima

As a writer on technology with Gadgets 360, David Delima is interested in open-source technology, cybersecurity, consumer privacy, and loves to read and write about how the Internet works. David can be contacted via email at DavidD@ndtv.com, on Twitter at @DxDavey, and Mastodon at mstdn.social/@delima. More