{"id":9130,"date":"2026-03-03T07:39:18","date_gmt":"2026-03-02T22:39:18","guid":{"rendered":"https:\/\/cyberenso.jp\/?p=9130"},"modified":"2026-06-12T07:40:34","modified_gmt":"2026-06-11T22:40:34","slug":"google-patches-129-android-vulnerabilities-including-qualcomm-zero-day","status":"publish","type":"post","link":"https:\/\/cyberenso.jp\/en\/google-patches-129-android-vulnerabilities-including-qualcomm-zero-day\/","title":{"rendered":"Google Patches 129 Android Vulnerabilities Including Qualcomm Zero-Day"},"content":{"rendered":"\n<p>Google has released its March 2026 Android Security Bulletin, delivering the largest Android security update in almost eight years. The update addresses 129 security vulnerabilities across the Android operating system, making it the biggest monthly patch release since April 2018. Among the issues fixed are 10 critical vulnerabilities and one actively exploited zero-day flaw, tracked as CVE-2026-21385. Security researchers reported that attackers were already taking advantage of this vulnerability before a patch became available, increasing the urgency for users to update their devices. The flaw was discovered in an open-source Qualcomm graphics component and impacts 235 Qualcomm chipsets used in a wide range of Android smartphones and tablets worldwide. According to security experts, the vulnerability is caused by an integer overflow in the graphics driver, which can lead to memory corruption. If successfully exploited, attackers could gain unauthorized access to sensitive information or elevate privileges on affected devices.<br>Google notified Qualcomm about the issue on December 18, 2025. However, Qualcomm reportedly informed its customers on February 2, 2026, creating a gap of several weeks during which threat actors may have had an opportunity to exploit the vulnerability.<br>Researchers believe commercial spyware operators are among the most likely groups to have abused the flaw. To address the risk, Google released two security patch levels: 2026-03-01 and 2026-03-05, with the latter providing the most comprehensive protection.<br>Android users are strongly encouraged to install the latest security updates as soon as possible. Devices showing a security patch level of 2026-03-05 or later are fully protected against this vulnerability.<br>The update serves as another reminder of the importance of keeping mobile devices up to date, as cybercriminals continue to target smartphones with increasingly sophisticated attacks.<\/p>\n\n\n\n<p><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Google has released its March 2026 Android Security Bulletin, delivering the largest Android security update in almost eight years. The update addresses 129 security vulnerabilities across the Android operating system, making it the biggest monthly patch release since April 2018. Among the issues fixed are 10 critical vulnerabilities and one actively exploited zero-day flaw, tracked as CVE-2026-21385. Security researchers reported<span class=\"excerpt-hellip\"> [\u2026]<\/span><\/p>\n","protected":false},"author":1,"featured_media":9131,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[271,220,10,5],"tags":[],"class_list":["post-9130","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-data-breach","category-government-advisory","category-latest_vulnerabilities","category-ce_listen"],"acf":[],"jetpack_featured_media_url":"https:\/\/i0.wp.com\/cyberenso.jp\/wp-content\/uploads\/2026\/06\/66127bbb2380776b3ddc99e1_ZERO-DAY-CLOUDSEK.webp?fit=2240%2C1260&ssl=1","_links":{"self":[{"href":"https:\/\/cyberenso.jp\/en\/wp-json\/wp\/v2\/posts\/9130"}],"collection":[{"href":"https:\/\/cyberenso.jp\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/cyberenso.jp\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/cyberenso.jp\/en\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/cyberenso.jp\/en\/wp-json\/wp\/v2\/comments?post=9130"}],"version-history":[{"count":1,"href":"https:\/\/cyberenso.jp\/en\/wp-json\/wp\/v2\/posts\/9130\/revisions"}],"predecessor-version":[{"id":9133,"href":"https:\/\/cyberenso.jp\/en\/wp-json\/wp\/v2\/posts\/9130\/revisions\/9133"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/cyberenso.jp\/en\/wp-json\/wp\/v2\/media\/9131"}],"wp:attachment":[{"href":"https:\/\/cyberenso.jp\/en\/wp-json\/wp\/v2\/media?parent=9130"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/cyberenso.jp\/en\/wp-json\/wp\/v2\/categories?post=9130"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/cyberenso.jp\/en\/wp-json\/wp\/v2\/tags?post=9130"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}