Cybercrime: Just clicking on the link does not mean that hackers can know your phone’s secret documents. Even if you don’t click now, your phone can be hacked. In that case, how can you be protected from it?
Must know if using Android smartphone
If you are using an Android smartphone, then this news is very important for you. India’s cyber security agency, CERT-In, has warned Android users of a serious threat. According to the published information, the phone could have been hacked without clicking on a link or downloading a file. Which means, without the slightest mistake by the user, hackers could gain entry to the phone. Thankfully, the flaw has been fixed in Google’s latest security update, but it’s imperative that you update your phone immediately.
Dolby Audio is dangerous
This serious security flaw was related to the Dolby Digital Plus Unified decoder. It was first detected in October 2025. The most dangerous aspect of this bug was that it allowed hackers to execute code on the phone without any interaction. No links, no messages, no files, just the system that could be hacked. That’s why it was called a zero-click vulnerability. The report also revealed that the problem was not limited to Android, but could have affected some Windows devices as well.
Why did CERT-In sound the alarm?
CERT-In has issued an advisory regarding this vulnerability, CIVN2026-0016. According to the company, cybercriminals could use this bug to remotely execute arbitrary code on devices. This could have destroyed the phone’s memory and put sensitive personal and work data at risk. As CERT-In clearly states, the easiest and safest way to avoid this threat is to install the latest operating system and security patches on your phone.
Google and Dolby’s response
Google announced in its January 5 security bulletin that the January update fully fixes this critical vulnerability. According to the company, the severity of the bug was assessed by Dolby. In its advisory, Dolby said an “out-of-bounds write” issue was found in some versions of the DD+ Unified Decoder. Although its effect was usually limited to crashing the media player. But if it had been exploited, the damage could have been much greater.
How Project Zero caught on
This whole thing was revealed by Google’s famous security research team, Project Zero. It was an exploit that required no user action, the researchers said. This allowed remote code execution on some Pixel and other Android devices. After this issue came to light, Google took it seriously and came up with a solution in the January security patch. If you’re using an Android phone and haven’t updated yet, don’t delay. A simple update can protect your phone, data and privacy from a major cyber threat.