The Indian government has issued a ‘critical’ warning for Android smartphone users urging them to update their devices. The vulnerability note CIVN–2026-0016 issued by the Indian Computer Emergency Response Team (CERT-In) under the aegis of Ministry of Electronics and Information Technology (MeitY) warns of a flaw related to the Dolby audio. The advisory says that the vulnerability can allow remote access to unauthorized players which can be exploited to “execute arbitrary code on the targeted system.”
CERT-In warning to Android users: Impacted users, related risk and other detail
A vulnerability has been reported in Google Android, which could allow a remote attacker to execute arbitrary code on the targeted system, the CERT-In advisory says. According to it, all end user organizations and individuals using Google Android are at risk.“High risk of remote code execution” reads the risk assessment. The vulnerability could corrupt the device’s memory, the advisory states. “Android is an open-source operating system primarily designed for mobile devices, including smart phones, tablets, smart watches, and other embedded system. This vulnerability exists in Google Android due buffer overflow in Dolby DD+ decoding leads to potential memory corruption and crashes,” the advisory says, adding “Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the targeted system”.
What should Android users do
As advised by the cyber security agency in its advisory, Android smartphone users must update their devices to the latest operating system to minimize risk and avoid falling victim to it. Notably, the vulnerability was first reported in October last year. Google released its latest security patch in January, 2026 fixing the Dolby flaw.
About the Author
