Last year, Google made a smart move in changing how it approached security on its Android devices, and rather than waiting to deliver security-related fixes alongside broader platform updates, the company announced a new effort that would see it deliver these patches to Nexus-series hardware on a monthly basis. Ever since, Google’s been making good on its promise, and we can look forward to a new batch of updates near the start of each month. Today it shares details on the latest, while making available all the new factory images for Nexus hardware.
As always, Google’s detailing all the individual bugs these new updates fix, and considering the sheer number of critical-rated vulnerabilities that good give attackers a foothold into compromising unpatched Android systems, we’re very glad those updates are here.
Those include a number of privilege-escalation and code-execution issues, the nastiest of which is yet another Stagefright-like bug that allows maliciously crafted media files to run code on a vulnerable device.
Of special note in this month’s collection of fixes is the promised patch for the Linux kernel keyring bug revealed to the public back in January. While Google explained at the time that modern Android releases already had defenses in place to guard them against successful exploitation, we’re still glad to know the root issue is being dealt with.
Be on the lookout for OTA updates on their way presently, or you can always flash a factory image if you’re not inclined to wait even that long.