Overview
- Google’s January 2026 security update patches CVE-2025-54957, a Dolby Digital Plus decoder vulnerability that can be exploited through locally decoded audio attachments and voice messages without user interaction.
- Jamf and other security voices advise Android users to install the new patch as soon as it becomes available for their device and carrier configuration.
- Samsung acknowledges holding back Google Play system updates on many Galaxy phones and says distribution will resume this month after internal testing requirements.
- Reporting indicates numerous Galaxy devices are months behind on background Play System fixes, with Samsung indicating rollout of the Google update is expected to start mid-January.
- Some Pixel owners installing a small January Play System package (around 15 MB) report temporary black screens or UI failures on reboot that typically resolve after a restart or connecting to power.