Google has released a crucial security patch for Android devices to address a serious bug that could allow hackers to exploit certain Dolby audio components. The bug, which enables the execution of malicious code through audio attachments, has been fixed on Android devices, with the update now rolling out for all phones.
According to Adam Boynton, Senior Security Strategy Manager EMEIA at Jamf, the vulnerability, known as CVE-2025-54957, was discovered in 2025 and affects Dolby’s DD+ Unified Decoder, allowing attackers to run malicious code without user interaction when audio attachments or voice messages are decoded locally on Android OS.
To ensure device security, users are advised to promptly update their Android phones. While iPhones are not affected by this specific vulnerability, Apple users are also encouraged to check for updates and apply them promptly to safeguard personal data.
Regular patching is emphasized as a vital measure to mitigate mobile security risks, regardless of the operating system being used. Keeping devices updated is essential in defending against modern mobile threats, as highlighted by Boynton.
To update your Android phone:
– Access the Settings app on your device.
– Navigate to System and select Software updates to check the update status.
– Follow the on-screen instructions for updating the device.
