Computer Works Computer Works
Call
Cybersecurity

Google Patches Critical Android Security Flaw Being Actively Exploited — Here's How to Update Your Phone Right Now

Google's June 2026 Android update fixes 124 security vulnerabilities, including one high-severity flaw already being actively exploited in the wild. Here's what the vulnerability does, who's at risk, and a step-by-step guide to updating your Android phone today.

Google Patches Critical Android Security Flaw Being Actively Exploited — Here's How to Update Your Phone Right Now

If your Android phone hasn't updated itself in the last few days, now is the time to do it manually. Google's June 2026 Android security update is out, and it's a big one — and not just because it's patching a whopping 124 vulnerabilities. One of those flaws is already being used against real people in targeted attacks right now.

Here's what's happening, who's at risk, and exactly how to make sure your phone is protected.

The Flaw You Need to Know About: CVE-2025-48595

The vulnerability getting the most attention this month is tracked as CVE-2025-48595, and it carries a CVSS severity score of 8.4 out of 10 — firmly in "high" territory. It lives inside the Android Framework, which Help Net Security describes as the set of APIs and system services that apps interact with directly.

The technical root cause is an integer overflow — a type of programming error where a calculation produces a number too large for the system to handle, causing unexpected behavior that attackers can exploit to run their own code. In this case, the result is privilege escalation: an attacker's code quietly elevates itself from a low-level app to something with far greater control over the device.

What makes this particularly concerning is the combination of factors involved:

  • No user interaction required. Once the malicious app is on your device, the exploit can run without you doing anything.
  • No extra permissions needed. The attacker doesn't need to trick you into granting any special access.
  • Complete device access is possible. According to Help Net Security, successful exploitation can give an attacker full access to the device and all the data on it.

Google has acknowledged that CVE-2025-48595 "may be under limited, targeted exploitation." The company hasn't revealed who is behind the attacks or who the targets are — which is standard practice. However, as The Hacker News notes, similar privilege escalation flaws have historically been weaponized by commercial spyware vendors targeting high-profile individuals.

Which Android Versions Are Affected?

CVE-2025-48595 affects devices running Android 14, 15, 16, and 16 QPR2 (Quarterly Platform Release 2). If your phone is running any of those versions and hasn't received the June patch yet, it's currently vulnerable.

What Else Got Fixed?

Beyond the actively exploited flaw, The Hacker News reports that Google released two sets of patches this month:

  • 2026-06-01 patch level — Covers core Android OS fixes, including additional vulnerabilities in the Framework and System components.
  • 2026-06-05 patch level — Includes everything from the first set, plus fixes for the Linux kernel and third-party chipset components from Imagination Technologies, MediaTek, Qualcomm, and Unisoc.

In total, 124 security vulnerabilities were addressed. That's a significant month. Several of the additional System component fixes also address privilege escalation issues, meaning there are multiple attack paths being closed off at once.

Google also notified Android device partners at least a month before publishing the bulletin, and committed to releasing source code patches to the Android Open Source Project within 48 hours, per Help Net Security.

How to Check Your Android Security Patch Level

Not sure where your phone stands? Here's how to check:

  1. Open the Settings app on your Android phone.
  2. Scroll down and tap About phone (on some phones it may be under "General management" or "System").
  3. Tap Android version or Software information.
  4. Look for Android security patch level.

You want to see a date of June 1, 2026 or later. If you see June 5, 2026 or later, you have the full set of patches including kernel and chipset fixes.

How to Install the Update

If your patch level is behind, here's how to manually trigger the update:

  1. Go to Settings.
  2. Tap System (or "Software update" on Samsung devices — the exact label varies by manufacturer).
  3. Select System update or Check for updates.
  4. If an update is available, tap Download and then Install.
  5. Your phone will restart to apply the changes.

A few practical tips:

  • Plug in first. Updates can drain battery mid-install, which occasionally causes problems. Connect to a charger before you start.
  • Use Wi-Fi. Security updates can be several hundred megabytes. Don't burn through your mobile data.
  • Restart counts. The patch isn't fully applied until the phone reboots. Don't skip the restart.
  • Check again after. After the restart, go back to your patch level screen and confirm the date updated.

Why These Monthly Patches Actually Matter

It's tempting to hit "remind me later" on update notifications indefinitely. But Android security updates aren't like app updates that add new features — they're closing active security holes.

The June update is a good example of why the monthly cadence exists. An integer overflow vulnerability in the Framework could theoretically be hidden inside an app that looks completely normal. Per Help Net Security, the most likely exploitation path for CVE-2025-48595 is through a malicious app that targeted users were tricked into installing. That's not a hypothetical — it's what "limited, targeted exploitation" typically looks like in practice.

On the brighter side, Tom's Guide notes that the June Android drop also includes new fake call detection — a feature designed to spot scammers impersonating your contacts by spoofing their numbers. It uses encrypted RCS technology to send a silent verification signal between devices, so if a call claiming to be from your mom doesn't have that signal, your phone flags it. It rolls out to Android 12 and above.

What About Older Android Phones?

Here's the honest answer: if your phone is running Android 13 or earlier and your manufacturer has stopped pushing security updates, you likely won't receive this patch. Older devices eventually fall out of the support window — and at that point, any new vulnerabilities discovered go unpatched permanently.

If you're in that situation and your phone is handling sensitive business data, banking apps, or personal communications, it may be time to consider an upgrade. It's not a decision to rush into, but it is something worth thinking about.

The Bottom Line

Go check your Android patch level right now. If you're not on a June 2026 patch, pull the update manually today. The actively exploited flaw in this batch doesn't require you to do anything wrong — just having the wrong app on an unpatched device could be enough.

If you've run into trouble getting your Android device to update, or you're managing a fleet of devices for a small business and need to make sure everyone's covered, we're happy to take a look. Keeping devices current is one of the less glamorous parts of security — but it's one of the most effective.

Recommended
Proton VPN
Proton VPN
Protect your browsing
Proton Mail
Proton Mail
Encrypted email
Related local service
Worried this could be malware?
If your computer has pop-ups, redirects, suspicious downloads, or ransomware warnings, start with our local virus removal page.
Call Us View virus removal
Tags
cybersecurity vulnerability patch-management privilege-escalation software-updates
← Back to all posts