Google released its monthly security updates for Android, addressing 46 vulnerabilities, including one exploited flaw. The most critical flaw is CVE-2025-27363, a high-severity vulnerability in the System component. This flaw allows local code execution without requiring additional privileges or user interaction. Google confirmed that the flaw has been actively exploited in the wild and poses a significant risk.
The CVE-2025-27363 vulnerability lies in the FreeType open-source font rendering library and was first disclosed by Facebook in March 2025. The issue stems from an out-of-bounds write, which could result in code execution when parsing TrueType GX and variable font files. FreeType versions newer than 2.13.0 already contain the fix.
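Because the fix lives in FreeType rather than in Android alone, a practical defender check is to confirm that any FreeType build in use is newer than 2.13.0. The script below is an added example, not code from the article, Google, or the FreeType project: it reads the installed version via `pkg-config --modversion freetype2` where available, falls back to parsing the `FREETYPE_MAJOR`/`FREETYPE_MINOR`/`FREETYPE_PATCH` macros that FreeType's `freetype.h` defines, and compares against the 2.13.0 boundary stated above. The header fragment embedded in it is constructed sample input, and treating "at or below 2.13.0" as affected is taken directly from the article's statement.

```python
"""Check whether a FreeType build is new enough to contain the CVE-2025-27363 fix.

The advisory states that FreeType versions newer than 2.13.0 are fixed, so this
example treats anything at or below 2.13.0 as affected.
"""
import re
import shutil
import subprocess
from typing import Optional, Tuple

# Last affected release according to the article; every newer release is fixed.
LAST_AFFECTED = (2, 13, 0)


def parse_version(text: str) -> Tuple[int, int, int]:
    """Turn '2.13.1', '2.13.1-dev' or 'FreeType 2.13.1' into a comparable tuple.

    A missing patch component (e.g. '2.14') is read as .0.
    """
    m = re.search(r"(\d+)\.(\d+)(?:\.(\d+))?", text)
    if not m:
        raise ValueError(f"no version number in {text!r}")
    major, minor, patch = m.group(1), m.group(2), m.group(3) or "0"
    return (int(major), int(minor), int(patch))


def is_patched(version: str) -> bool:
    """True when the version is strictly newer than 2.13.0."""
    return parse_version(version) > LAST_AFFECTED


def version_from_header(header_text: str) -> str:
    """Extract the version from the text of FreeType's freetype.h.

    FREETYPE_MAJOR / FREETYPE_MINOR / FREETYPE_PATCH are the real macro names
    FreeType uses in that header.
    """
    parts = {}
    for name in ("MAJOR", "MINOR", "PATCH"):
        m = re.search(rf"#define\s+FREETYPE_{name}\s+(\d+)", header_text)
        if not m:
            raise ValueError(f"FREETYPE_{name} not found in header text")
        parts[name] = m.group(1)
    return f"{parts['MAJOR']}.{parts['MINOR']}.{parts['PATCH']}"


def installed_version() -> Optional[str]:
    """Ask pkg-config for the installed freetype2 version; None if unavailable."""
    if shutil.which("pkg-config") is None:
        return None
    try:
        out = subprocess.run(["pkg-config", "--modversion", "freetype2"],
                             capture_output=True, text=True, check=True)
    except subprocess.CalledProcessError:
        return None
    return out.stdout.strip()


# Constructed sample in the shape of freetype.h; not copied from a real build.
SAMPLE_HEADER = """
#define FREETYPE_MAJOR  2
#define FREETYPE_MINOR  13
#define FREETYPE_PATCH  0
"""

if __name__ == "__main__":
    v = installed_version()
    if v is None:
        print("pkg-config/freetype2 not found; using the constructed header sample")
        v = version_from_header(SAMPLE_HEADER)
    status = "fixed" if is_patched(v) else "AFFECTED (2.13.0 or older)"
    print(f"FreeType {v}: {status}")
```

On a system without `pkg-config`, point `version_from_header` at the contents of the actual `freetype/freetype.h` shipped with the build you are auditing instead of the constructed sample; vendored copies of FreeType inside other software are the ones most often missed by package-level checks.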
While the flaw’s exact exploitation specifics are not known, there are signs of limited, targeted exploitation.
In addition to CVE-2025-27363, Google’s May update addresses other vulnerabilities in Android. It resolves eight flaws in the Android System component, which could enable privilege escalation, information disclosure, or denial-of-service. The update also fixes 15 vulnerabilities in the Android Framework module that could be exploited in various attacks.
Google emphasized that users should update their devices to the latest Android version to mitigate risks.
Google highlighted that newer Android versions have enhanced security measures, making exploitation more difficult. Users are encouraged to install the latest updates to protect their devices from potential security threats. The company’s focus remains on enhancing Android’s security and ensuring users are protected from emerging vulnerabilities. As exploitation of these flaws continues to evolve, timely updates remain crucial.