Alert for Android Users: If you use Android smartphone then this news is very important for you. India’s cyber security agency CERT-In has issued an alert to Android users regarding a serious threat. According to the information revealed, the phone could have been hacked even without clicking on any link or downloading the file. That means hackers could gain access to the phone without even the slightest mistake of the user. It is a matter of relief that this flaw has been fixed in Google’s latest security update, but for this it is very important to update the phone immediately.
There was a dangerous weakness related to Dolby Audio
This serious security flaw was related to Dolby Digital Plus Unified Decoder. It was first identified in October 2025. The scariest thing about this bug was that hackers could run code on the phone without any interaction through it. No link, no message, no file, just intrusion into the system. For this reason it was called zero-click vulnerability. It was also revealed in the reports that this problem was not limited to Android only, but some Windows devices could also be affected by it.
Why did CERT-In ring the alarm bell?
CERT-In has issued an advisory named CIVN2026-0016 regarding this flaw. According to the agency, by misusing this bug, cyber criminals could run the desired code on the device remotely. Due to this, the memory of the phone could get damaged and sensitive data related to personal as well as office could also be in danger. CERT-In has clearly said that the most direct and safe way to avoid this threat is to install the latest operating system and security patches in your phone.
Google and Dolby’s response
Google had informed in its security bulletin released on January 5 that the January update completely fixes this serious flaw. According to the company, the severity of this bug was assessed by Dolby. Dolby said in its advisory that the problem of “out-of-bounds write” was found in some versions of DD+ Unified Decoder. Usually its effect was limited to the crashing of the media player, but if it was misused, the damage could have been much bigger.
How Project Zero revealed
This entire matter was exposed by Google’s famous security research team Project Zero. Researchers said that this was an exploit that does not require any action from the user. Remote code execution was possible through this on some Pixel and other Android devices.
After this disclosure, Google took it seriously and released its fix in the January security patch. If you are using an Android phone and have not updated yet, then do not delay. A small update can protect your phone, data and privacy from major cyber threats.
Also read:
iPhone 16 is available at the cheapest price for the first time, you will get huge savings by buying from here, know how to take advantage of the opportunity.
