Google just fixed two critical Android zero-days and 60 other flaws — update your phone right now
Now fixed zero-days were used in targeted attacks

Installing update after update can get annoying real fast but when it comes to the best Android phones, there are some updates you don’t want to ignore.
Case in point, Google has just released its latest round of security updates for Android and the April 2025 patches fix a total of 62 vulnerabilities including two actively exploited zero-day flaws used by hackers in targeted attacks.
While the search giant’s own Pixel phones will get these patches first, BleepingComputer learned straight from Google that the fixes released today were shared with its OEM partners back in January.
This means that updates should be rolling out to the best Samsung phones and to devices from other big Android players like OnePlus, Motorola and more sooner rather than later.
Here’s everything you need to know about these now patched vulnerabilities including how they could be leveraged by hackers in their attacks along with some general tips and tricks to help keep your Android phone safe from malware and other cyber threats.
Actively exploited zero-days
Of these now fixed 62 vulnerabilities, the majority of them are high-severity elevation of privilege flaws while two are zero-day flaws that are much easier for hackers to exploit in their attacks.
The first zero-day (tracked as CVE-2024-43197) is a high-severity privilege escalation flaw in the Linux kernel’s USB-audio driver for ALSA devices. It was reportedly exploited by authorities in Serbia to unlock confiscated Android devices using a zero-day exploit chain created by an Israeli digital forensics company called Cellebrite.
Sign up to get the BEST of Tom's Guide direct to your inbox.
Get instant access to breaking news, the hottest reviews, great deals and helpful tips.
The second zero-day (tracked as CVE-2024-53150) is an Android Kernel information disclosure vulnerability that’s caused by an out-of-bound read weakness. If exploited, it can allow local attackers with access to your phone to access sensitive information without any user interaction.
Both of these zero-days along with 60 other security flaws have now been fixed into sets of security patches. Like I mentioned before, Google’s Pixel devices will receive these updates first while you might have to wait some time for other Android hardware vendors to test and implement them on their own devices.
How to keep your Android phone safe from hackers
Just like with the best iPhones, the most important thing you can do to keep your Android phone safe from hackers is to install new updates and security patches as soon as they become available.
However, given the somewhat fractured nature of Android, you may not get these updates for some time depending on who makes your Android phone or tablet.
This is why it’s worth investing in one of the best Android antivirus apps for additional protection. While your phone comes with Google Play Protect pre-installed to keep you safe from malicious apps, a third-party Android antivirus app can help fill in any blind spots while keeping you safe from the latest malware and online scams.
From here, you want to avoid clicking on links in messages from unknown senders and you also don’t want to download any attachments in emails from people you don’t regularly send files back and forth with.
Malicious links are an easy way to end up on a phishing site or worse, having your phone infected with malware and the same thing goes for attachments and other files downloaded from less reputable sites.
Google releases monthly security updates and patches but if you want to have the most secure Android phone available, then it’s worth considering a Pixel over say a Samsung Galaxy or a OnePlus phone.
Regardless of which phone maker you have, you want to consistently check to see if new updates are available and when they are, you should install them as soon as possible.
62 vulnerabilities may seem like a lot but keep in mind that these are flaws that were discovered and are now fixed. It’s up to you to keep your phone updated once patches like this roll out because hackers love nothing more than going after people with outdated software as this makes their work a whole lot easier.
More from Tom's Guide
Anthony Spadafora is the managing editor for security and home office furniture at Tom’s Guide where he covers everything from data breaches to password managers and the best way to cover your whole home or business with Wi-Fi. He also reviews standing desks, office chairs and other home office accessories with a penchant for building desk setups. Before joining the team, Anthony wrote for ITProPortal while living in Korea and later for TechRadar Pro after moving back to the US. Based in Houston, Texas, when he’s not writing Anthony can be found tinkering with PCs and game consoles, managing cables and upgrading his smart home.
You must confirm your public display name before commenting
Please logout and then login again, you will then be prompted to enter your display name.