Android Update Patches FreeType Vulnerability Exploited as Zero-Day

Android’s May 2025 security update includes patches for an exploited vulnerability in the FreeType open source rendering engine.

Google on Monday started rolling out a fresh security update for Android phones, with fixes for roughly 50 vulnerabilities, including a bug exploited in the wild.

The exploited flaw is resolved in the first part of the update, which arrives on devices as the 2025-05-01 security patch level. It is tracked as CVE-2025-27363 (CVSS score of 8.1) and impacts the FreeType software development library.

The issue is described as an out-of-bounds write in the open source rendering engine’s versions up to and including 2.13.0 that could lead to arbitrary code execution.

“There are indications that CVE-2025-27363 may be under limited, targeted exploitation,” Google notes in Android’s May 2025 security bulletin.

The internet giant rolled out patches for the bug roughly two months after Facebook parent company Meta warned that it had been exploited as a zero-day, urging organizations to update to FreeType version 2.13.3 or later.

There does not appear to be any public information regarding the attacks exploiting CVE-2025-27363.

Android’s 2025-05-01 security patch level resolves a total of 24 high-severity vulnerabilities in the Framework and System components, most of which could be exploited for elevation of privilege.

The second part of this month’s update arrives on devices as the 2025-05-05 security patch level and resolves 22 flaws in Imagination Technologies, Arm, MediaTek, and Qualcomm components. It also updates the Linux Kernel LTS (long-term support) version.

Google’s advisory also mentions four security defects in Project Mainline components that have been resolved with Google Play system updates.

Android devices running a security patch level of 2025-05-05 include fixes for all the vulnerabilities addressed with the May 2025 update and previous monthly updates.
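The two patch levels described above lend themselves to a quick fleet check. The following is an added example, not part of the original article or of Google's bulletin: it classifies a device's reported patch level (the value `adb shell getprop ro.build.version.security_patch` returns) against 2025-05-01 and 2025-05-05. The function names, output labels and sample inventory are constructed, and treating levels later than 2025-05-05 as cumulative is an assumption based on how Android patch levels are defined.

```shell
#!/bin/sh
# Added example: triage Android security patch levels against the two
# May 2025 levels named in the article. Labels and sample data are constructed.

# classify_patch_level LEVEL -> prints one of:
#   missing-2025-05-01  (no fix for CVE-2025-27363)
#   partial-2025-05-01  (first part only; component fixes from 2025-05-05 absent)
#   full-2025-05-05     (assumed cumulative for this level and later ones)
#   invalid             (not a YYYY-MM-DD value)
classify_patch_level() {
    # adb output may carry a trailing carriage return; strip it first.
    level=$(printf '%s' "$1" | tr -d '\r')
    case $level in
        [0-9][0-9][0-9][0-9]-[0-9][0-9]-[0-9][0-9]) ;;
        *) echo invalid; return 0 ;;
    esac
    # Split on the dashes and rejoin as YYYYMMDD for an integer comparison.
    y=${level%%-*}; rest=${level#*-}
    m=${rest%%-*};  d=${rest#*-}
    n="$y$m$d"
    if [ "$n" -lt 20250501 ]; then
        echo missing-2025-05-01
    elif [ "$n" -lt 20250505 ]; then
        echo partial-2025-05-01
    else
        echo full-2025-05-05
    fi
}

# triage_inventory: reads "device-id patch-level" lines on stdin and
# prints "device-id classification" for each non-empty line.
triage_inventory() {
    while read -r dev level; do
        [ -n "$dev" ] || continue
        printf '%s %s\n' "$dev" "$(classify_patch_level "$level")"
    done
}

# Constructed inventory; on a real device the level comes from
#   adb shell getprop ro.build.version.security_patch
triage_inventory <<'EOF'
phone-a 2025-04-05
phone-b 2025-05-01
phone-c 2025-05-05
tablet-d unknown
EOF
```

Devices reported as `missing-2025-05-01` are the ones still exposed to the exploited FreeType bug and should be prioritized for updating.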

This month’s update for Automotive OS includes the fixes covered by the Android May 2025 security bulletin, but no security patches specific to this platform.

In addition to Android’s May 2025 patches, the update for Wear OS resolves four platform-specific bugs that could lead to elevation of privilege or denial of service.

Written By

Ionut Arghire is an international correspondent for SecurityWeek.
