The majority of smartphones across the globe run on Google’s Android operating system, with many scores of different manufacturers producing smartphone and tablet devices. That means it’s more difficult for Android firms to keep up with the latest bug fixes compared to main mobile rival Apple, which only has to update one operating system on one brand of device.

Every month, Google publishes a security bulletin detailing the latest fixes it has made to keep Android users safe from the newest threats. The latest bulletin for December details a “critical security vulnerability” the firm said “could lead to remote denial of service with no additional execution privileges needed”.

These sorts of vulnerabilities in Android are worrying as they imply hackers could in some way gain access to your device or your data without a great deal of work.

Google is careful not to fully describe the nature of the most severe bug. That’s to avoid any bad actors cottoning on to the vulnerability and targeting devices that don’t yet have the fix.

The bulletin’s publication is a sign that a fix will soon be pushed out for free to Google Pixel smartphones and tablets, which are usually the first devices to receive Google’s monthly software updates.

Given Google owns and runs Android and makes Pixel phones, you’d hope this would be the case. If you have a recent Samsung device, these also are often close to the front of the queue to get the monthly update in a timely manner.

It often depends on the resources of a company as to how quickly devices receive the free update. In my experience, recently released phones are at the top of the pile, with OnePlus and Nothing particularly fast to get the patches sent out to their customers.

Google said in its security bulletin that the denial of service (Dos) bug would be fixed with the update on Android versions 13, 14, 15 and 16.

However serious this bug could be though, Google doesn’t think it has been exploited in the wild, which means no devices have been targeted via the vulnerability. The same can’t be said for the bugs named CVE-2025-48633 and CVE-2025-48572, which Google says “may be under limited, targeted exploitation”.

Rest assured it is very unlikely that you will be hacked or targeted if you don’t have the latest version of Android installed. Google is quite good at squashing problems with Android with its monthly bulletins, and even if you don’t have the latest update or are even using a phone that no longer receives updates, hacks are quite unlikely if you are using apps downloaded via the Google Play Store.

Android manufacturers are also getting better at supporting phones for longer. The Google Pixel phones now offer seven years of Android OS updates and free security patches, the same as many Samsung phones.