Latest android security bulletin: fixes, AOSP changes and update advice

Why the android security bulletin matters

The android security bulletin is the primary public record of platform and device security fixes for the Android ecosystem. It informs device manufacturers, app developers and end users about vulnerabilities, patches and recommended actions. With recent changes to AOSP release publishing and the disclosure of critical flaws, timely awareness of these bulletins is important for maintaining device integrity and protecting user data.

Main developments and technical details

AOSP publishing and development model (2026)

Effective in 2026, source code will be published to AOSP in Q2 and Q4 to align with a trunk stable development model and improve platform stability for the ecosystem. For building and contributing to AOSP, the guidance is to use the android-latest-release manifest branch rather than aosp-main. The android-latest-release branch will always reference the most recent release pushed to AOSP. Further details are available under the Changes to AOSP guidance. This schedule was last updated 2026-01-15 UTC.

Scope of bulletins

The bulletin suite includes Android Platform Specific Bulletins (platform fixes, upstream Linux kernel fixes, and fixes from SoC manufacturers), Android Automotive OS Update Bulletins, Android Wear Bulletins and a set of Device Specific Bulletins. Device-specific publications cover Pixel Update Bulletins, Chromecast Security Bulletins, Pixel Watch Security Bulletins and Android XR Security Bulletins.

Notable vulnerabilities and patches

Recent reports note that Google patched six vulnerabilities, including two critical issues in the August 2025 bulletin. A critical remote code execution vulnerability in the Android System is tracked as CVE-2025-48530; it could allow code execution in combination with other bugs without additional privileges. Researchers also reported serious vulnerabilities in the GPU micronode of Qualcomm’s Adreno GPUs, which impact a large number of devices.

What readers should do

Security bulletins are typically issued on the first of every month. Users are advised to install available updates as soon as possible — particularly when critical vulnerabilities are disclosed. You can check your device’s Android version, security update level and Google Play system level in the Settings app; look in the phone or device sections and tap on Updates (menu names may vary by manufacturer). Staying current with monthly bulletins and following AOSP guidance helps manufacturers and developers keep the wider ecosystem more secure.