The Indian Computer Emergency Response Team (CERT-In) has issued a high-priority security alert for Android users. The advisory warns of multiple vulnerabilities affecting Android versions 12 and later, which could pose a significant cyber threat to users.
CERT-In has identified that these security flaws originate from weaknesses within the Android framework, as well as potential vulnerabilities in chipset components. If exploited, these vulnerabilities could allow attackers to gain unauthorised access to sensitive data, escalate privileges, execute arbitrary code, or trigger denial-of-service (DoS) conditions on affected devices.
According to the government agency, the alert has been categorised as one of the most severe security threats due to the potential damage an exploited vulnerability could inflict. Given the seriousness of the issue, CERT-In has urged users to take immediate action to protect their devices from cyberattacks.
Steps to enhance security
To mitigate these risks, users of Android 12, 13, 14, and 15 are strongly advised to install the latest security updates without delay. Keeping software up to date is a crucial step in defending against emerging cyber threats.
CERT-In also recommends additional precautionary measures to reinforce device security. Users should regularly check for software updates and enable automatic updates where possible to ensure they remain protected against newly discovered vulnerabilities.
Avoiding suspicious links and refraining from downloading applications from unverified sources is another essential security measure. It is advisable to install apps exclusively from official app stores, such as the Google Play Store, to minimise the risk of malware infections.
Strengthening account security by using strong, unique passwords and enabling two-factor authentication (2FA) can further reduce exposure to cyber threats. Additionally, users should periodically review and manage app permissions, ensuring that applications have only the necessary access to personal data.
CERT-In also warns against phishing attempts, which remain a common tactic used by cybercriminals to steal personal information and login credentials. Users should exercise caution when encountering unexpected requests for sensitive data and verify the legitimacy of such prompts before responding.
By following these security recommendations, Android users can significantly reduce the risk of cyber threats and enhance the protection of their personal information and devices.
