You should update your Android phone as soon as you can. Another significant security flaw has been fixed by Google
If you are one of those users who slow down every time a notification of a new update arrives on their smartphones, this time we recommend that you pay more attention to the February 2025 update that Google recently released for Android. Not in vain, among its security patches, it hides a solution to a very serious vulnerability identified as CVE-2024-53104.
Google itself did not mention that it fixed no less than 48 security vulnerabilities in this update in its bulletins, and among these vulnerabilities are 24 bugs with critical and high ratings, including this very serious vulnerability in particular.
As CyberInsider reported, this new vulnerability involves a high-severity Escalation of Privilege (EoP) issue in the USB Video Class driver in the Linux kernel. By exploiting this vulnerability, which exploits improper handling of frame types not specified in uvc_parse_format, an attacker could write out-of-bounds and gain local access to the device via privilege escalation.
The vulnerability was discovered within Android’s security software and has been rated 7.8, making it a high-severity issue. In fact, even Google has confirmed that there have been limited, targeted attacks that exploited the vulnerability, though it has not provided further details about the permissions that were obtained or the information that the hackers were able to access.
As always, Google is notifying all manufacturers and partners in the Android catalog so that these updates are distributed as soon as possible to as many devices as possible, so as we said, once the update reaches you this February, it is more important than ever that you update as soon as possible to avoid any unwanted concerns.