Your mobile device is more than a messaging tool; it’s your virtual office, data vault, and two-factor authorization center. That’s why keeping it updated isn’t just an IT best practice, it’s a business-critical security measure.
Android: 84 Reasons to Hit “Update Now”
This September, Google released a sweeping Android security patch that fixes 84 vulnerabilities, including two actively exploited zero-days. These include:
- CVE-2025-38352: A Linux kernel flaw that could crash your device or allow attackers to gain elevated privileges.
- CVE-2025-48543: A vulnerability in Android Runtime that lets malicious apps bypass the OS sandbox, meaning apps can access more than they should.
Even more concerning? Four critical vulnerabilities allow attackers within Bluetooth or Wi-Fi range to run code on your phone — no interaction required. If your device uses a Qualcomm chip (as many do), you’re especially at risk.
Action Item: Update to patch level 2025-09-01 or 2025-09-05 via Settings → System → Software update. Can’t upgrade to Android 16? Then it is time for a new phone, we recommend the Pixel 10.
iOS: The WhatsApp Zero-Click Spyware Campaign
On the iOS side, a major security flaw was recently patched in WhatsApp, and it’s a stark reminder that even encrypted apps can be an attack vector.
- CVE-2025-55177 (WhatsApp) and CVE-2025-43300 (iOS) were used together in a zero-click spyware campaign — no clicks, taps, or mistakes required.
- Attackers could exploit this pair of bugs to fully compromise Apple devices, steal messages, and exfiltrate sensitive data, including from high-profile targets.
While Meta has patched the flaw and notified compromised users, the attack illustrates how nation-grade spyware is being used against individuals with valuable data, including journalists, civil society, and yes, high-profile business professionals.
Action Item: Always install the latest iOS and app updates immediately. If your iPhone is more than 4 years old and no longer receives updates, you must replace it.
Don’t ignore phone update requests. Uninstall any app you stop using, don’t just leave it on your phone waiting to be hacked. Stay sharp and stay patched.
Share this blog:
