Google has released the most comprehensive Android security update in years. It fixes 129 vulnerabilities, including a critical zero-day vulnerability that is already being used for targeted attacks. The update is now being distributed to manufacturers.
Advertisement
In view of the massive security gaps in Android devices, users should take action beyond the standard updates. This free guide shows you which five simple measures you can take to effectively secure WhatsApp, banking and your personal data. Discover 5 protective measures now
One of the largest patch collections in eight years
Table of Contents
After minor updates at the beginning of the year, Google is now making massive improvements. The March update from March 2, 2026 is the most comprehensive since April 2018. The focus is on the critical vulnerability CVE-2026-21385 – a so-called zero-day that is already being actively exploited.
Acute danger: Qualcomm chip gap is being patched
The zero-day vulnerability is in an open-source display component from Qualcomm. It allows attackers to corrupt memory and is considered a high security risk. Qualcomm was informed in December and delivered the first corrections in January. Now Google is distributing the patch widely via its monthly bulletin.
Two waves of updates for maximum security
Google is splitting the update into two stages to speed up implementation. The first wave (patch level 2026-03-01) closes 63 gaps in the Android framework, system and Play services. The most serious of these allows remote access without user interaction.
The second part (patch level 2026-03-05) fixes another 66 vulnerabilities in kernel and vendor components. The active zero-day vulnerability is also included here. In total, that’s 129 vulnerabilities closed in a single month.
Advertisement
Since regular software updates alone are often not enough to close all entry points for hackers, experts recommend additional security precautions. In this free security package you will learn how you can immediately close an often underestimated gap in your system. Download free security guide
Samsung responds with its own patches
With the publication of the bulletin, the work begins for manufacturers like Samsung. The group has already announced details of its March update: It contains 60 patches from Google and seven of its own fixes for Samsung-specific vulnerabilities (SVE). This close coordination is crucial for the entire Android ecosystem.
What users should do now
The size of the update shows the ongoing threat situation. For Pixel users, the patch is expected to come with the next “feature drop”. All other Android users should immediately check for updates in the system settings.
As always, delivery speed depends on the manufacturer and model. However, in view of the active attacks via the zero-day vulnerability, it is particularly advisable to act quickly this month.
