Android phones vulnerable to remote hacking — update right now

Green skull on smartphone screen.
(Image credit: Shutterstock)

If you own one of the best Android phones you should update immediately, as Google has released fixes for three serious vulnerabilities—including one that is currently being exploited in the wild by hackers.

In its April 2023 Android security bulletin, the search giant announced security updates that contain fixes for two critical remote code execution (RCE) vulnerabilities as well as for one high severity vulnerability hackers are already using in their attacks.

These security flaws impact Android 11, Android 12, Android 12L and Android 13 and it’s highly recommended that users update their smartphones as soon as possible. Android partners like Samsung, OnePlus, Motorola and others are notified about issues like this at least one month before Google issues a security bulletin, which means patches for their devices are likely already available or will be rolled out soon.

Executing remote code and escalating system privileges

The first vulnerability (tracked as CVE-2023-21085) exists in Android’s System component and if exploited, it could allow an attacker to execute arbitrary code remotely. According to a blog post from Malwarebytes, this flaw involves improper input validation within the System component. 

To attack those who haven’t updated their smartphones with the latest patches yet, an attacker could trick them into opening a specially crafted file through a phishing attack.

Likewise, the second vulnerability (tracked as CVE-2023-21096) also exists in Android’s System component and just like with the first one, could allow an attacker to execute arbitrary code remotely.

The third vulnerability (tracked as CVE-2022-38181) was found in the Arm Mali GPU kernel driver and has been used in targeted attacks since it was first discovered in November of last year. It’s a use-after-free (UAF) vulnerability that allows Android apps installed on a user’s smartphone to escalate their system privileges. This flaw can be exploited to trigger memory corruption as well as to execute arbitrary code with elevated privileges.

How to keep your Android phone secure

A hand holding a phone securely logging in

(Image credit: Google)

In order to keep your Android phone safe from attacks exploiting these and other vulnerabilities, it’s essential you install the latest updates as soon as they become available.

This can be done by heading to the Settings menu and scrolling down to About Phone. Tapping on this menu item will then allow you to check for software updates which you should install if they’re available.

At the same time, installing one of the best Android antivirus apps can protect you from malware or any malicious apps that leverage these vulnerabilities in their attacks. You also want to make sure that Google Play Protect is enabled on your device and you don’t have to download this Android antivirus app as it comes pre-installed.

We’ll likely hear more from Google about these vulnerabilities and how one of them was being used in attacks in the wild once enough Android users install the security updates that patch them.

More from Tom's Guide

Anthony Spadafora
Senior Editor Security and Networking

Anthony Spadafora is the security and networking editor at Tom’s Guide where he covers everything from data breaches and ransomware gangs to password managers and the best way to cover your whole home or business with Wi-Fi. Before joining the team, he wrote for ITProPortal while living in Korea and later for TechRadar Pro after moving back to the US. Based in Houston, Texas, when he’s not writing Anthony can be found tinkering with PCs and game consoles, managing cables and upgrading his smart home.