SecurityWeek

Android Update Patches Critical Remote Code Execution Flaw

The November 2025 Android patches resolve two vulnerabilities, both in the platform’s System component.

Google on Monday announced a fresh set of security updates for the Android platform, to address two vulnerabilities in the System component.

The November 2025 Android fixes mark another shift from the monthly updates the internet giant has been rolling out since 2015, as they come with a single security patch level, the 2025-11-01 patch level.

For nearly a decade, the update was split into two security patch levels, to make it easier for vendors to address vulnerabilities specific to their devices. The second security patch level of each month contained patches for all the bugs described in that month’s security bulletin.

July 2025 was the first month in a decade when no fixes were rolled out for Android users, and the same happened in October. In August and September, however, Google resolved over 100 vulnerabilities, including three exploited issues.

The company makes no mention of either of the two flaws resolved this month being exploited in the wild, but warns that one of them could be abused for remote code execution (RCE).

“The most severe of these issues is a critical security vulnerability in the System component that could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation,” Google’s security bulletin reads.

The security defect is tracked as CVE-2025-48593 and is described as an issue caused by insufficient validation of user input. It affects Android versions 13, 14, 15, and 16.

The second Android vulnerability resolved this month is tracked as CVE-2025-48581 and affects devices running Android 16.

“In VerifyNoOverlapInSessions of apexd.cpp, there is a possible way to block security updates through mainline installations due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed,” a NIST advisory reads.

There are no security issues addressed in Google Play system updates and no security patches in the November 2025 Automotive OS and Wear OS bulletins.

Devices running a security patch level of 2025-11-01 are patched against the vulnerabilities described above.

Written By

Ionut Arghire is an international correspondent for SecurityWeek.
