{"id":220415,"date":"2026-03-03T03:19:00","date_gmt":"2026-03-03T08:19:00","guid":{"rendered":"https:\/\/news-you-need.com\/index.php\/2026\/03\/03\/android-gets-patches-for-qualcomm-zero-day-exploited-in-attacks\/"},"modified":"2026-03-05T19:45:29","modified_gmt":"2026-03-06T00:45:29","slug":"android-gets-patches-for-qualcomm-zero-day-exploited-in-attacks","status":"publish","type":"post","link":"https:\/\/news-you-need.com\/index.php\/2026\/03\/03\/android-gets-patches-for-qualcomm-zero-day-exploited-in-attacks\/","title":{"rendered":"Android gets patches for Qualcomm zero-day exploited in attacks"},"content":{"rendered":"<p><a href=\"https:\/\/www.bleepingcomputer.com\/news\/security\/google-patches-android-zero-day-actively-exploited-in-attacks\/\">Android gets patches for Qualcomm zero-day exploited in attacks<\/a><\/p>\n<p><a href=\"https:\/\/www.bleepingcomputer.com\/news\/security\/google-patches-android-zero-day-actively-exploited-in-attacks\/\">https:\/\/www.bleepingcomputer.com\/news\/security\/google-patches-android-zero-day-actively-exploited-in-attacks\/<\/a><\/p>\n<p>Publish Date: <a href=\"publish_date]\">2026-03-03 03:19:00<\/a><\/p>\n<p>Source Domain: <a href=\"www.bleepingcomputer.com\">www.bleepingcomputer.com<\/a><\/p>\n<p style=\"text-align:center\">\n<p>Google has released security updates to patch 129 Android security vulnerabilities, including an actively exploited zero-day flaw in a Qualcomm display component.<\/p>\n<p>&#8220;There are indications that CVE-2026-21385 may be under limited, targeted exploitation,&#8221; the company said on Monday in its March 2025 Android Security Bulletin.<\/p>\n<p>While Google didn&#8217;t provide any further information on the attacks currently targeting this vulnerability, Qualcomm revealed in a separate security advisory issued on February 3 that the flaw is an integer overflow or wraparound in the Graphics subcomponent that local attackers can exploit to trigger memory corruption.<\/p>\n<p>Qualcomm says it was alerted to this high-severity vulnerability on December 18 by Google&#8217;s\u00a0Android Security team, and it notified customers on February 2. According to its February advisory, which has yet to flag CVE-2026-21385 as exploited in attacks, the security flaw affects 235 Qualcomm chipsets.<\/p>\n<p>&#8220;We commend the researchers from Google\u2019s Threat Analysis Group for using coordinated disclosure practices,&#8221; a\u00a0Qualcomm spokesperson told BleepingComputer. &#8220;Regarding their GPU-related research, fixes were made available to our customers in January 2026. We encourage end users to apply security updates as they become available from device makers.&#8221;<\/p>\n<p>With this month&#8217;s Android security updates, Google fixed 10 critical security vulnerabilities in the System, Framework, and Kernel components that attackers exploit to gain remote code execution, elevate privileges, or trigger denial-of-service conditions.<\/p>\n<p>&#8220;The most severe of these issues is a critical security vulnerability in the System component that could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation,&#8221; Google said.<\/p>\n<p>Google issued two sets of patches: the 2026-03-01 and 2026-03-05 security patch levels. The latter bundles all fixes from the first batch, as well as patches for closed-source&#8230;<\/p>\n<p><a href=\"https:\/\/www.bleepingcomputer.com\/news\/security\/google-patches-android-zero-day-actively-exploited-in-attacks\/\">Source<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Android gets patches for Qualcomm zero-day exploited in attacks https:\/\/www.bleepingcomputer.com\/news\/security\/google-patches-android-zero-day-actively-exploited-in-attacks\/ Publish Date: 2026-03-03 03:19:00 Source&#8230;<\/p>\n","protected":false},"author":1,"featured_media":220416,"comment_status":"closed","ping_status":"","sticky":false,"template":"","format":"standard","meta":{"fifu_image_url":"https:\/\/www.bleepstatic.com\/content\/hl-images\/2026\/03\/03\/Android-red.jpg","fifu_image_alt":"","footnotes":""},"categories":[15],"tags":[31,27],"class_list":["post-220415","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-cybersecurity","tag-exploit","tag-vulnerability"],"_links":{"self":[{"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/220415"}],"collection":[{"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/comments?post=220415"}],"version-history":[{"count":1,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/220415\/revisions"}],"predecessor-version":[{"id":220417,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/220415\/revisions\/220417"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/media\/220416"}],"wp:attachment":[{"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/media?parent=220415"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/categories?post=220415"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/tags?post=220415"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}