Patch Tuesday is next week, but Android is ahead of the game, dropping its biggest patch bundle this year while attackers actively exploit two of the flaws it now fixes.
This month, the world's most popular mobile operating system released 120 patches, its largest monthly release this year. That is a far cry from July, when Android did not issue a single patch, as everything was apparently fine. In September, however, two of the flaws may be under “limited and targeted exploitation”.
The two greatest concerns are CVE-2025-38352, a high-severity problem in the Linux kernel at the heart of the operating system, and CVE-2025-48543, a high-severity problem in the Android Runtime application hosting environment. An attacker can escalate local privileges with either flaw, without requiring any user interaction.
Google has declined to say who is exploiting the flaws or how, but the language suggests that a surveillance software company is using them to break in. We asked noted flaw-finders Citizen Lab at the University of Toronto, but they say they have not detected anyone using the vulns. However, Hong Kong's Emergency Response Team has published an alert echoing Google's warning, noting that there are signs of limited and targeted exploitation.
“CVE-2025-38352 and CVE-2025-48543 are dispersed [sic] exploited,” it warned.
The September update also includes three critical vulnerabilities in Qualcomm's closed-source components. CVE-2025-21450 is a vulnerability rated CVSS 9.1 in its GPS control system, CVE-2025-21483 covers problems with the data network stack, and CVE-2025-27034 involves a problem with Qualcomm's multi-mode call processor.
Qualcomm has, perhaps under pressure from Google, been upping its flaw-fixing game. In February, it doubled the time it would support its components from four to eight years. Google, on the other hand, guarantees seven years of OS and security updates for its own Pixel 8 line and later.
Imagination Technologies also gets 10 fixes, all in its PowerVR GPU and all rated high severity.
Most of the remaining Android flaws are rated high severity, although there is also a critical remote code execution hole in the System component (CVE-2025-48539), so the update should be installed as soon as possible. But this is where the problem lies. While owners of Google's Pixel handset line will get fixes quickly, they are only a fraction of vulnerable handsets, with the Chocolate Factory holding only about four percent of market share in the United States.
The two biggest Android players in the United States are Samsung and Motorola, and they will roll out these fixes when they are good and ready. We have asked both mobile manufacturers when people will get a fix for these actively exploited vulnerabilities and will update you if we hear back. ®