May 7, 2025, 5:32 pm | Read time: 2 minutes

Starting immediately, users with compatible devices can download the May 2025 Android Security Bulletin. It includes a patch for a font rendering flaw that allowed the execution of malicious code without user interaction.

Critical Android Security Flaw Exploited by Hackers

The May 2025 Security Bulletin addresses several vulnerabilities in the Android system and framework, as well as Google Play updates. The most dangerous of these is identified as CVE-2025-27363 and affects the open-source program library FreeType. An error in text rendering can allow local malicious code to be executed without additional execution rights and without user interaction.

Google warns: “There are indications that CVE-2025-27363 may be exploited in a limited and targeted manner.” However, specific details about the attack methods or affected targets are not known. The vulnerability has a CVSS base score of 8.1, making it highly dangerous.

Error in Font Processing

The alert about the Android security flaw came in March 2025 from Facebook, which also provided evidence of active exploitation online. It is an out-of-bounds write error that occurs when processing TrueType GX and variable font files, allowing the injection of malicious code. The vulnerability affects only older FreeType versions prior to 2.13.1.

More on the topic

January Patchday Dangerous Security Vulnerability in Outlook Mail! Microsoft Urgently Recommends an Update

Apple iOS 18.3.2 Is Here — Should I Install the Update Straight Away?

Install Without Fail! Important Update Available for Several Samsung Smartphones

Users Must Install Current Security Patch

To address the vulnerabilities, the installation of the May 2025 Android security patch is required. It has been available since May 5 for compatible smartphone models. Installation requires at least Android 13. Older versions of the operating system no longer receive security updates from Google.