Google has released the February 2025 Android security update, addressing 48 vulnerabilities, including a high-severity zero-day vulnerability that is being actively exploited in attacks.

The most critical flaw, CVE-2024-53104, is a privilege escalation bug in the Android kernel’s USB Video Class (UVC) driver. Improper parsing of UVC_VS_UNDEFINED frames allows local attackers to gain elevated privileges. Exploitation can lead to arbitrary code execution or denial-of-service (DoS) attacks.

Another major fix addresses CVE-2024-45569, a firmware memory corruption issue in Qualcomm’s WLAN component. This vulnerability stems from improper validation of array indexes, allowing remote attackers to potentially execute arbitrary code, modify or read sensitive memory, and trigger system crashes. Unlike the kernel flaw, this remote attack requires no user interaction or privileges, making it particularly dangerous.

Google has released two patch levels: 2025-02-01 includes core security fixes, while 2025-02-05 adds patches for third-party components and kernel elements. Google Pixel devices will receive updates immediately, while other Android manufacturers may delay updates for compatibility testing.
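To show where a device stands against these two levels, the following added example (not from the article or from Google) classifies patch-level strings and flags devices that lack the 2025-02-05 level. The device names and inventory are constructed, `ro.build.version.security_patch` is the Android system property that reports the level, and the `adb` helper assumes a working, authorised adb setup; the comparison relies on patch levels being cumulative.

```shell
# Added example (not from the article): classify Android security patch levels
# against the two February 2025 levels the article names.

# classify_patch_level YYYY-MM-DD -> invalid | pre-february | core-only | full
classify_patch_level() {
    lvl=$1
    # Patch levels are ISO dates; reject empty or malformed values.
    case $lvl in
        [0-9][0-9][0-9][0-9]-[0-9][0-9]-[0-9][0-9]) ;;
        *) echo invalid; return 0 ;;
    esac
    rest=${lvl#*-}
    n=${lvl%%-*}${rest%-*}${rest#*-}      # 2025-02-05 -> 20250205
    if [ "$n" -ge 20250205 ]; then
        echo full            # core fixes plus kernel/third-party patches
    elif [ "$n" -ge 20250201 ]; then
        echo core-only       # kernel and third-party patches still missing
    else
        echo pre-february    # none of the February 2025 fixes
    fi
}

# audit_inventory: read "<device-id> <patch-level>" lines on stdin and print
# every device that is not at the full 2025-02-05 level or later.
audit_inventory() {
    while read -r dev lvl; do
        [ -n "$dev" ] || continue
        state=$(classify_patch_level "$lvl")
        [ "$state" = full ] || printf '%s %s %s\n' "$dev" "${lvl:-none}" "$state"
    done
}

# device_patch_level SERIAL: read the level over adb (assumed setup; not called below).
device_patch_level() {
    adb -s "$1" shell getprop ro.build.version.security_patch | tr -d '\r'
}

# Constructed sample inventory (device names and levels are made up).
sample_inventory() {
    cat <<'EOF'
pixel-8 2025-02-05
tablet-a 2025-02-01
phone-b 2024-11-05
kiosk-c
phone-d 2025-03-01
EOF
}

sample_inventory | audit_inventory
```

A device reported as `core-only` has the 2025-02-01 fixes but not the kernel and third-party component patches that the article places in 2025-02-05.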

In November 2024, Google also patched two actively exploited zero-days (CVE-2024-43047 and CVE-2024-43093), one of which was used in NoviSpy spyware attacks targeting activists and journalists. Android users are strongly advised to update their devices as soon as patches become available to mitigate these security risks.
