Google confirms new Android zero-day attacks. Millions of Samsung users still have to wait because security updates are delayed.
Google issued an urgent warning on December 1st and simultaneously rolled out an emergency update for all Pixel devices. The reason is two serious security vulnerabilities (CVE-2025-48633 and CVE-2025-48572) that are already being actively exploited.
The attacks enable a “remote denial of service” – completely without additional permissions.
However, the patches are not yet available for most Samsung devices, although attacks are already underway.
Google: CISA warns – and Samsung confirms its own fixes
Just one day after Google’s announcement, the US cyber defense agency CISA also reacted. It warned of another vulnerability in the Android framework that allows “privilege escalation” and required US authorities to immediately update devices or temporarily stop using them.
Meanwhile, Samsung confirmed that other vulnerabilities reported by Google’s Project Zero have also been fixed. However, the basic problem remains: Samsung usually needs a full month to distribute critical updates.

Update gap: Why Pixel is fast – and Samsung isn’t
Despite its dominant market share, Samsung continues to deliver security updates more slowly than Google itself. Pixel benefits from Google’s direct control over hardware and software and therefore receives all important patches immediately – including zero-day fixes.
Samsung, on the other hand, staggers its updates by model, region and provider. Only the Galaxy S25 and a single mid-range model support Google’s “Seamless Updates”, which should enable faster patching in the future.
In a world where both Pixel and Apple deliver updates within hours, Samsung is coming under increasing pressure. Experts see only one long-term solution: Android must change structurally so that manufacturers can no longer take weeks to close critical security gaps.
