Google's recent changes to Android support policies are creating significant challenges for users of older devices. With over a billion Android users still running Android 12 or older versions, many will soon encounter app failures and increased security vulnerabilities as Google shifts focus to newer operating system versions.
Support for Android 12 Officially Ended
Google has officially terminated security update support for Android 12 as of March 31, 2025. This critical change means that devices running Android 12 and older versions will no longer receive security patches, even for newly discovered vulnerabilities. The May 2025 security bulletin clearly shows that only Android 13, 14, and 15 received the latest security updates, leaving older versions exposed to emerging threats.
Android Security Update Information (May 2025)
- Total vulnerabilities patched: 46
- Zero-day vulnerability: CVE-2025-27363 (FreeType library)
- Supported Android versions receiving updates: 13, 14, and 15
- Unsupported versions (no longer receiving updates): Android 12 and older
- Support for Android 12 ended: March 31, 2025
Zero-Day Vulnerability Affects Unpatched Devices
Among the 46 security flaws patched in Google's May update is CVE-2025-27363, a zero-day vulnerability in the FreeType font rendering library that Google confirms is under limited, targeted exploitation. This remote code execution flaw affects FreeType versions 2.13.0 and below, allowing attackers to exploit how the program processes certain files. While Android 13 and newer versions have received patches for this vulnerability, Android 12 users remain vulnerable with no official fix forthcoming.
Play Integrity API Changes Impact App Functionality
Starting this month, Google has implemented significant changes to its Play Integrity API, creating a clear division between Android 13+ and older versions. This API allows developers to modify how their apps function based on a device's OS version and security update status. For Android 12 and older versions, Google now recommends that developers implement fallback options for apps with higher security requirements, such as banking and finance applications.
Financial and Security Apps Most Affected
The impact will be most noticeable in applications that handle sensitive operations. Banking apps, financial services, government applications, and enterprise software are likely to implement restrictions or reduced functionality for devices running Android 12 or older. These changes are designed to maintain security standards but will effectively force many users to upgrade their devices to maintain full app functionality.
Play Integrity API Changes Impact
- Affected users: Over 1 billion Android users on Android 12 or older
- Most affected app categories:
- Banking and finance apps
- Government applications
- Enterprise apps
- Applications handling sensitive data or money transfers
Recommendations for Affected Users
If you're using a device with Android 12 or older, you should check whether an OS upgrade is available. For those unable to upgrade through official channels, consider whether your device manufacturer has confirmed they are backporting security updates. Without either option, security experts recommend installing reputable security software as a partial mitigation and preparing for the possibility that some applications may stop functioning properly.
Long-term Implications
This situation highlights the growing challenge of Android fragmentation and the security implications of using older devices. While Google continues to advance its operating system with Android 15 and the Android 16 beta, more than half of the Android user base remains on older versions that will increasingly face compatibility and security challenges. The current changes represent a significant push from Google to encourage users and manufacturers to keep devices updated or replace aging hardware.