As Google says, "the most severe of these issues is a critical security vulnerability in Framework that could allow a remote attacker using a specially crafted PNG file to execute arbitrary code within the context of a privileged process."

A remote attacker can exploit this vulnerability just by tricking users into opening a maliciously crafted PNG image file (which is impossible to spot with the naked eye) on their Android devices sent through a mobile message service or an email app.

Including these three flaws, Google has patched a total of 42 security vulnerabilities in its mobile operating system, 11 of which are rated critical, 30 high and one moderate in severity.

The technology giant stressed that it has no reports of active exploitation or in the wild abuse of any of the vulnerabilities listed in its February security bulletin.

Google said it has notified its Android partners of all vulnerabilities a month before publication, adding that "source code patches for these issues will be released to the Android Open Source Project (AOSP) repository in the next 48 hours."

Have something to say about this article? Comment below.