Google March Android Security Update fixes two high severity vulnerabilities — update now

News
By
published

And both have been exploited in the wild.

Android 12
(Image credit: quietbits/Shutterstock)

The March 2025 release of the Android Security Bulletin not only addresses 44 total vulnerabilities — it also patches two active high-severity vulnerabilities that have come under exploitation in the wild. According to Google, CVE-2024-43093 and CVE-2024-50302 have both come under “limited, targeted exploitation” and in response, the company has released two security patch levels.

The two security patch levels are 2025-03-01 and 2025-03-05 which are intended to give flexibility and to quickly address a portion of similar vulnerabilities across all Android devices.

The two high-severity vulnerabilities are both privilege escalation flaws; CVE-2024-43092 is a privilege escalation flaw in the Framework component that could allow unauthorized access in directories or subdirectories, while CVE-2024-50302 is a privilege escalation flaw in the HID USB component of the Linux kernel that could leak to uninitialized kernel memory to a local attacker through specially crafted HID reports.

The first vulnerability, CVE-2024-43092, has been previously flagged by Google as being actively exploited in a November 2024 advisory; however, there are no details as to why the alert was issued for a second time.

The second vulnerability, CVE-2024-50302, is one of three that was used in a zero-day exploit in December 2024 to break into a Serbian youth activist's Android phone. This exploit levied three other vulnerabilities (in this case, CVE-2024-53104, CVE-2024-53197, CVE-2024-50302) to gain elevated privileges and deploy Android spyware dubbed NoviSpy.

These three vulnerabilities reside in the Linux kernel and were patched last year, with CVE-2024-53104 being addressed by Google in the Android Security update last month.

More from Tom's Guide

Network
Arrow
Intego
Norton
Contract Length
Arrow
Showing 2 of 2 deals
Filters
Arrow
Intego
Mac Premium Bundle
View
75% off - 1st year
Norton
Norton 360 Deluxe
$119.99
View
See more Computing News
Amber Bouman
Amber Bouman
Senior Editor Security

Amber Bouman is the senior security editor at Tom's Guide where she writes about antivirus software, home security, identity theft and more. She has long had an interest in personal security, both online and off, and also has an appreciation for martial arts and edged weapons. With over two decades of experience working in tech journalism, Amber has written for a number of publications including PC World, Maximum PC, Tech Hive, and Engadget covering everything from smartphones to smart breast pumps. 

You must confirm your public display name before commenting

Please logout and then login again, you will then be prompted to enter your display name.

Read more
Google Pixel 9 held in the hand.
Google just fixed a zero-day kernel flaw used by hackers and 47 other vulnerabilities — update your Android phone right now
How to disable the Windows key
Microsoft patches over 160 security flaws including 3 active zero days — update your PC right now
Surface Laptop 5 open on desk showing Windows 11 desktop
Microsoft just fixed 72 Windows security flaws — update your PC right now
iPhone 16 Pro shown held in hand
Apple just patched its first zero-day flaw of the year — update your iPhone and Mac right now
Apple iPhone 16 held in the hand.
iOS 18.3.1 — update your iPhone right now to fix critical zero-day vulnerability
An image of a Google Android robot
Google blocked over 2.5 million suspicious Android apps from the Play Store last year
Latest in Online Security
Android 12
Google March Android Security Update fixes two high severity vulnerabilities — update now
An Android bot next to an Android TV remote
Millions of Android TVs hijacked in massive botnet — how to see if yours is at risk
Poster of Elon Musk saying "I am stealing from you"
Elon Musk's DOGE blocked from accessing your data – and 3 in 4 Americans agree
A fake text message on a smartphone being held by both hands.
Toll road scams are worse than ever — what to look for and how to stay safe
A phone with Google Search open on screen
Google just made it easier to remove your personal info from search results — here's how to do it
Eight Sleep Pod 4 Ultra with head raised in beige bedroom
Eight Sleep smart beds reportedly have a secret backdoor that can be accessed remotely — everything you need to know
Latest in News
Android 12
Google March Android Security Update fixes two high severity vulnerabilities — update now
Kieran Culkin as Benjamin "Benji" Kaplan in "A Real Pain"
Hulu top 10 movies — here's the 3 worth watching now
Apple iPad 11
iPad 11 just announced — here’s what’s new
iPad and MacBook
Apple Air news live updates — iPad Air M3 launch, MacBook Air M4 imminent
iPad Air M3
iPad Air M3 announced — price, release date, specs and all the upgrades
A smartphone attached to the Switch 2
Nintendo Switch 2's rumored phone attachment could lead to dual-screen gaming — what you need to know
More about online security
Poster of Elon Musk saying "I am stealing from you"

Elon Musk's DOGE blocked from accessing your data – and 3 in 4 Americans agree
An Android bot next to an Android TV remote

Millions of Android TVs hijacked in massive botnet — how to see if yours is at risk
Kieran Culkin as Benjamin "Benji" Kaplan in "A Real Pain"

Hulu top 10 movies — here's the 3 worth watching now
See more latest
Most Popular
Kieran Culkin as Benjamin "Benji" Kaplan in "A Real Pain"
Hulu top 10 movies — here's the 3 worth watching now
SOURHOUSE Goldie
I just discovered this innovative kitchen gadget that takes all the guesswork out of sourdough
A white pillow with blue edges placed on the bed
Cloud 9 releases AI-developed pillow for unparalleled support for all sleepers — and it's already $20 off
Apple iPad 11
iPad 11 just announced — here’s what’s new
iPad and MacBook
Apple Air news live updates — iPad Air M3 launch, MacBook Air M4 imminent
A smartphone attached to the Switch 2
Nintendo Switch 2's rumored phone attachment could lead to dual-screen gaming — what you need to know
iPad Air M3
iPad Air M3 announced — price, release date, specs and all the upgrades
TCL 60 series
The most underrated phone of the year can switch between full color and e-ink mode — and it just got a price
MWC 2025 Day 2
MWC 2025 Day 2 — here’s the top 5 new gadgets you need to see
Sigourney Weaver as Ellen Ripley in Alien
Hulu just got every single “Alien” movie — here’s the 3 to watch, and 1 you must skip