Google releases Android security update to fix critical vulnerabilities

Google has released a security patch that addresses three high-severity vulnerabilities affecting some of the latest versions of Android, including one that is believed to be actively exploited in the wild. The flaws, tracked as CVE-2023-21085, CVE-2023-21096, and CVE-2022-38181, were detailed in Google’s April 2023 Android security bulletin. The first two vulnerabilities are related to the Android System and could allow for remote code execution via phishing attacks. The third vulnerability is related to the Arm Mali GPU kernel driver and has reportedly been exploited by hackers since late 2022. Google did not provide further details on the exploit or its attackers.