Google just fixed a zero-day kernel flaw used by hackers and 47 other vulnerabilities — update your Android phone right now

2 hours ago 4

(Image credit: Tom's Guide)

Keeping your phone up to date and running the latest security patches is the easiest way to stay safe from hackers which is why if you own one of the best Android phones, you’re going to want to install the February 2025 Android security updates right away.

As reported by BleepingComptuer, Google has released this month’s Android security updates which include fixes for 48 different vulnerabilities, including a zero-day kernel flaw that has been exploited in the wild by hackers in their attacks.

This high-severity zero-day (tracked as CVE-2024-53104) is a privilege escalation flaw in Android’s USB Video Class driver. If exploited, it can allow an authenticated attacker with access to your device to elevate privileges in low-complexity attacks.

Without getting too technical, this zero-day causes the buffer size of frames to be miscalculated which can then lead to potential out-of-bounds writes. This can then be exploited to execute arbitrary code on a vulnerable Android phone or to launch denial-of-service attacks.

While not a zero-day, there's also a flaw fixed by the February 2025 Android security updates (tracked as CVE-2024-45569) in the WLAN component of Qualcomm’s chips. This firmware memory corruption issue can be exploited by remote attackers to execute arbitrary code or commands, to read or modify memory and to trigger crashes in low-complexity attacks which don’t require any user interaction or privileges.

Your security updates are coming

One of the reasons you might want to consider the Pixel 9 or even the upcoming Pixel 9a as your next Android phone is because Google’s Pixel devices get the latest updates and security patches first. While Samsung, OnePlus, Motorola and other Android phone makers get these updates as soon as they become available, there’s often a delay in sending them out to users since each company likes to put their own spin on Android.

This month, Google released two sets of patches: the 2025-02-01 and 2025-02-05 security patch levels. The former is basically what you’re getting on Pixel phones and the latter includes everything from the first along with additional patches for closed-source third-party and kernel elements that don’t necessarily apply to all Android devices.

Get instant access to breaking news, the hottest reviews, great deals and helpful tips.

If you want to get Android and security updates as quickly as possible but don’t necessarily want to buy a Pixel, then you want to look for a phone with a very lightly skinned version of Android. However, you should also look into how often companies send out patches before choosing your next smartphone.

How to keep your Android smartphone safe from hackers

A hand holding a phone securely logging in

Besides updating your Android phone and the apps installed on it regularly, there are also a few other things you can do in order to stay safe from hackers.

For starters, you want to make sure that Safe Browsing is enabled to protect you and your device against dangerous websites, downloads and extensions. However, if you want to be extra careful, you can take things a step further and sign up for Enhanced Safe Browsing in Chrome. Not only does it protect you from all of the above, but it can also warn you when your passwords have been exposed in a data breach.

Although Android has its own built-in password manager through Chrome, you may also want to sign up for one of the best password managers as they often include extras like a VPN to keep your browsing private. Likewise though, many of the best Android antivirus apps, also include both of these security tools. Even if you are using an Android antivirus, you also want to ensure that Google Play Protect is enabled and running on your device as this built-in tool scans all of your existing apps and any new ones you download for malware.

Keeping your Android smartphone updated is the most important first step but with a few extra security tools and features installed on your phone, you’ll be much less likely to fall victim to malware, phishing and other cyberattacks.

More from Tom's Guide

Billions of Chrome users at risk from new browser-hijacking Syncjacking attack
Why you need to review your app permissions now
Google blocked over 2.5 million suspicious Android apps from the Play Store last year

Anthony Spadafora is the managing editor for security and home office furniture at Tom’s Guide where he covers everything from data breaches to password managers and the best way to cover your whole home or business with Wi-Fi. He also reviews standing desks, office chairs and other home office accessories with a penchant for building desk setups. Before joining the team, Anthony wrote for ITProPortal while living in Korea and later for TechRadar Pro after moving back to the US. Based in Houston, Texas, when he’s not writing Anthony can be found tinkering with PCs and game consoles, managing cables and upgrading his smart home.

Read Entire Article