Google Just Patched Alarming Android Flaws: Don't Skip This Update
While the Android 16 QPR1 update brings fresh features and the Material 3 Expressive UI, it also includes the September security patch, which addresses major vulnerabilities across both the Pixel ecosystem and Android as a whole. Here's why you shouldn't delay installing the latest firmware on your device.
The September update is part of Google’s monthly Android security rollout. Depending on your device, it arrives with the Pixel Feature Drop for Pixel phones, while Samsung's Galaxy devices receive it as a monthly or separate firmware. It is currently rolling out on select Galaxy models as part of One UI 8 Beta.
Other OEMs, including OnePlus, Xiaomi, and Nothing, are expected to follow with their own monthly patches, but on their own pace and timeline.
Over 120 Security Bugs and Flaws Fixed
This month’s firmware tackles a wide range of security flaws, including critical and high-severity vulnerabilities as well as two threats believed to have been actively exploited in the wild. In total, there were 120 security issues patched.
Among the patched issues are several critical vulnerabilities (CVE-2025-21450, CVE-2025-21483, CVE-2025-27034) tied to Qualcomm components on devices running Android 15 and 16. These flaws could allow remote code execution without user interaction, which is comparable to zero-day exploits.
Google also addressed numerous high-severity bugs affecting imaging sensors and components from ARM, MediaTek, and Qualcomm.
Two Flaws May Have Been Exploited in the Wild
More concerning are two vulnerabilities, CVE-2025-21450 and CVE-2025-48543, that Google believes may have been used in real-world attacks, but at limited or targeted exploitations.
The first affects Android versions 13 through 16 and involves the Android Runtime. According to Google, attackers could weaponize it to escalate privileges without user interaction. The second flaw targets the Kernel in the Android system and also enables privilege escalation.
Update Your Android Device Now
While Google is rolling out fixes via Google Play System updates, it’s still essential to install the latest security patch manually if it’s available for your device. To check, go to Settings on your device, then navigate to System > Software Update.
Even with the latest patch, it’s wise to stay cautious, such as avoiding installing apps from outside the Play Store or from unknown publishers. You can also enable safety tools like Google Play Protect.
Which Android device are you using? Have you updated to the latest security firmware yet? Let us know in the comments.
