Patchday: Attacks on Android smartphones observed
Attackers are targeting Android smartphones and tablets. The effects and scope are currently unclear. Security updates are available for selected devices.
(Image: heise online)
Due to ongoing attacks, owners of Android smartphones should install available security updates. However, these patches are only available for devices that are still supported.
Patch now!
As indicated by a warning message, Google's Android developers have closed a total of nearly 140 vulnerabilities. In the post, the developers also warn of ongoing attacks on a vulnerability in a graphics/display component from Qualcomm. The gap (CVE-2026-21385) is classified with the threat level “high”.
What attackers can specifically do after a successful attack is currently unclear. It is also currently unknown to what extent the attacks are occurring. Google speaks of attacks on a “limited scale”.
Further Dangers
The remaining security vulnerabilities affect the framework, kernel components, the system, and various components from Arm, Imagination, Qualcomm, MediaTek, and Unisoc. Through “critical” vulnerabilities in the framework (Android 16-qpr2: CVE-2026-0047) and in the system (Android 16: CVE-2026-0006, Android 14, 15, 16, 16-qpr2 CVE-2025-48631), attackers can gain higher privileges or execute malicious code. DoS attacks are also possible.
By successfully exploiting the remaining gaps, which are classified with the threat level “high,” attackers can primarily acquire higher user privileges. However, information can also be leaked.
Videos by heise
Google assures that the vulnerabilities have been closed with Patch Levels 2026-03-01 and 2026-03-05. This month there are so many security updates because Google since July 2025 has only been closing particularly dangerous gaps monthly according to their assessment. Remaining updates have been released quarterly since then.
(des)
