...
...
Next Story

CERT-In flags Dolby audio bug, urges Android users to install the latest patch

Android users may face potential risks from this flaw. CERT-In urges immediate updates after Google releases a security patch to prevent remote exploits.

Updated on: Jan 15, 2026 12:34 PM IST

India’s cyber security agency has asked Android smartphone users to install the latest system updates after Google addressed a security issue linked to Dolby audio software. The Indian Computer Emergency Response Team, known as CERT-In, issued the advisory after Google released its January security patch to fix the problem.

CERT-In urges Android users to update their mobile phones after Google fixes a critical Dolby audio security flaw. (Freepik)
CERT-In urges Android users to update their mobile phones after Google fixes a critical Dolby audio security flaw. (Freepik)

Ijaj Khan is a technology journalist and Senior Content Producer at Hindustan Times, with over three years of experience covering the consumer technology industry. His work spans smartphones, laptops, wearables, gaming, appliances and AI - from hands-on reviews, comparison and buying guides to breaking news and in-depth features that help readers cut through the noise and make informed decisions. Before joining HT Tech, he worked with Jagran New Media, where he sharpened his instincts for fast-paced digital reporting. He holds a Post Graduate Diploma in English Journalism and Mass Communication from the Indian Institute of Mass Communication (IIMC), Delhi. Whether he's testing the latest flagship smartphone, tracking a major AI announcement, or putting a gaming laptop through its paces, Ijaj approaches every story with the same goal - making technology feel relevant and easy to understand for everyday users, not just enthusiasts. When he's not in front of a screen for work, he's usually travelling to a new city, hunting for great food, or keeping tabs on what's next in tech before everyone else catches on.

Read moreRead less

According to CERT-In, the flaw affected the Dolby Digital Plus Unified Decoder used in many Android devices. The issue first came to light in October 2025 and allowed unauthorised access to affected systems. In some cases, attackers could run commands on a device without the user taking any action. Reports also indicated that the same weakness affected some Windows systems.

Also read: Google Pixel 10a may launch sooner than expected: Check expected features, price and more

Google included a fix for the Dolby-related issue in its January update. CERT-In said users should apply the update as soon as it becomes available for their devices to reduce the risk of misuse. The advisory applies to all Android users, including individuals and organisations.

How the Dolby Issue Could Affect Users

In its notice, CERT-In explained that attackers could use the flaw to run commands on a targeted device from a remote location. Such access could allow interference with the normal functioning of the phone and could also affect stored data. The agency warned that memory systems could face disruption if the issue remained unpatched.

Google confirmed in its January 5 security bulletin that the update resolves the problem in Dolby-related components. The company said Dolby provided the assessment of the issue. Following this, Dolby released its own advisory explaining the technical cause.

Also read: Apple to fine-tune Gemini and use it quietly behind Siri without Google branding: Report

Findings by Security Researchers

Security researchers from Google’s Project Zero team identified the flaw in October 2025. They found that attackers could trigger the issue without asking users to click links or open media files. This made detection difficult, as the process did not require user interaction.

Also read: 5 Spotify features that other music apps can’t match

Dolby noted that, in many observed cases, the issue caused media applications to stop or restart. The company said it had not seen wide misuse at the time of its advisory. Still, CERT-In stressed that users should not ignore the risk.

The agency urged users to check for updates through their device settings and install the latest version provided by their phone makers. It also advised users to keep automatic updates enabled to receive future security fixes without delay.

 
SHARE THIS ARTICLE ON