Updated Android Security Bulletin sets stage for a hefty December 2025 security patch

Google has just released the Android Security Bulletin for December 2025, with a roster of all vulnerabilities that affect Android devices. Unlike the frequent Pixel (or manufacturer-specific) security updates, this bulletin lists all potential vulnerabilities that impact Android devices.

These vulnerabilities, affecting Android 13 or later, will be patched in the Android security update dated December 05, 2025, and delivered to your devices when the manufacturer releases the security update.

With the December Security Bulletin, Google addresses several vulnerabilities rated for “critical” and “high” degrees of severity. The gravest of all is a vulnerability in the Android Framework that could be exploited to remotely launch a denial-of-service attack against users, even without additional privileges.

Meanwhile, the most severe vulnerabilities at the system and kernel levels can be exploited to escalate permission levels even with the user’s explicit input. In addition, the Bulletin also lists vulnerabilities specific to Qualcomm, MediaTek, and Unisoc chipsets.

To make sure your devices remain protected from these vulnerabilities, ensure you update your device with the latest security patch.

The latest security bulletin for December features a long list of exploits, unlike the October or November Bulletins, which had only a handful. This is likely in continuation of its recent policy switch to a quarterly report cycle.

Additionally, Google has also updated the Security Bulletins for Android Automotive and Wear OS, but there are no vulnerabilities to be listed in each.