Google reveals critical vulnerabilities in Android that are already being exploited in limited, targeted attacks. The failures, identified asCVE-2025-48633 e CVE-2025-48572, affect versions 13 to 16 of the operating system. Elas allow disclosure of sensitive information and elevation of privileges without user interaction.
The Samsung integrates the fixes into the December 2025 security update. Esse patch addresses dozens of issues, including six classified as critical. The rollout occurs gradually depending on the model and region.
Users of Galaxy devices must manually check update availability to protect their devices.
Vulnerabilities identified in the December bulletin
The Android security bulletin for December 2025 fixes more than 100 flaws in total. Duas of them receive special attention due to signs of active exploitation in targeted campaigns.
CVE-2025-48633 involves information disclosure in Framework of Android. Ela allows applications to access sensitive system data, bypassing sandbox protections. Ataques exploit this loophole to extract authentication tokens or cryptographic keys.
CVE-2025-48572 deals with elevation of privileges in the same component. Explorada in sequence with the previous one, it grants elevated access to local attackers. Esses risks affect devices without patch level 2025-12-01 or higher.
- Check the patch level on the phone software Configurações > Sobre > Informações.
- Update immediately if available to avoid known risks.
- Enable Google Play Protect for additional detection of malicious apps.
Samsung security update in detail
Samsung releases December 2025 patch with fixes for 57 Android vulnerabilities identified by Google. Adiciona 11 exclusive fixes for Galaxy devices, totaling 68 fixes.
Six flaws receive a critical rating, while the rest are high risk. The update already reaches flagship models such as Galaxy S25, S24, S23, Z Fold 6 and Z Flip 6 in regions such as Coreia and Sul. Expansion to other countries and devices will occur in the following weeks.
Older models receive quarterly or semi-annual updates. Isso extends the wait time for fixes on input or extended support devices.
How to check and install the patch on Galaxy
Users can confirm the update status directly on the device. Acesse the settings and navigate to the software information section to view the date of the last security patch.
Follow these steps on Samsung devices:
- Open Configurações and tap Sobre on the phone.
- Select software Informações.
- Scroll to Android-Sicherheitspatch-Ebene or Nível from security patch Android.
- Confirm that it displays a date of December 1, 2025 or later.
To install, go to Configurações > Software Atualização > Baixar and install. Conecte connect to a stable Wi-Fi network and keep battery above 50%. The process varies by model, but prioritizes flagships.
Differences in rollout between manufacturers
Google quickly patches Pixel devices, often within days of the bulletin. Outros manufacturers, including Samsung, tailor fixes to their specific interfaces and hardware.
This adaptation causes delays in complete deployment. Premium Modelos receive priority, while intermediate or older devices wait longer. Fragmentation of Android remains a challenge for uniform security.
Experts recommend immediate updates in cases of confirmed exploits. The inclusion of these flaws in the catalog of known exploited vulnerabilities reinforces the urgency.
Risks associated with exploited flaws
The vulnerabilities CVE-2025-48633 and CVE-2025-48572 present high risks as they allow attacks without direct interaction. Exploradores use chains for data leakage followed by control gain.
Well-known campaigns focus on high-value targets, such as activists or journalists. Unpatched Dispositivos are exposed to commercial spyware or state-sponsored attacks.
The December patch mitigates these vectors by fixing Framework. Manter the updated system significantly reduces the chances of compromise.
Recent models already updated
The distribution of the December update advances along premium lines from Samsung. Série Galaxy S25 receives the patch at the beginning of the month on Coreia of Sul.
Devices such as Galaxy S24, S23 and foldables Z Fold 6 and Z Flip 6 follow the schedule. Usuários report installations in European and Asian regions in recent weeks.
The company prioritizes critical fixes on flagships to minimize exposure. Regular Verificações ensure timely protection.
Additional protective measures
In addition to the official update, users adopt practices to reinforce security. Ative automatic checks for updates on the device.
Install applications only from Google Play Store. Habilite or Google Play Protect for continuous scanning. Evite suspicious links or downloads from unknown sources.
In sensitive use cases, consider advanced detection tools. The combination of patches and secure habits provides robust defense against today’s threats.
The December 2025 update represents an essential response to real risks in the Android ecosystem. Samsung continues rollout to cover wide range of Galaxy devices.
Keeping your device updated protects against known and future exploits. Collaboration between Google and manufacturers strengthens the overall security of the world’s most used operating system.