Android devices are facing active cyberattacks, Google confirmed on 1 December, prompting an urgent security update for Pixel users — but most Samsung owners still don’t have access to the critical patches.
Google says two vulnerabilities, CVE-2025-48633 and CVE-2025-48572, are already under “limited, targeted exploitation.” Both allow remote denial-of-service attacks requiring no special privileges, making them especially dangerous.
Samsung acknowledged the issue and announced its own fixes shortly after Google’s alert, also patching three additional zero-days discovered by Google’s Project Zero team. Within a day, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) issued a directive requiring federal employees to update their devices immediately or stop using them, citing a serious privilege-escalation flaw within Android’s framework.
Despite Samsung’s rapid acknowledgement, the updates still aren’t available for most of its users. The company’s monthly update cycle — combined with staggered rollouts by device model, region and carrier — means patches could take weeks to reach many phones.
This delay underscores a long-standing issue in the Android ecosystem. While Samsung is the biggest Android manufacturer worldwide, Google’s Pixel phones consistently receive updates first due to Google’s unique control over both hardware and software. As a result, Samsung users often face slower releases of major Android versions, new features, and urgent security updates.
All Galaxy devices on Samsung’s monthly schedule are expected to receive the patch, with some off-schedule models potentially included. But with both Apple and Google delivering rapid fixes to their users, Android’s fragmented update system is under renewed scrutiny — and many argue it’s time for major change.
thetechtrident.com 