Android Bulletin Delivers Fixes For Mainstream Android Devices
Google updates tackles security vulnerabilities with Android devices as well as update for its Nexus handsets
Google’s security team has released patches for mainstream Android devices, as well as an over-the-air security update for Nexus devices.
Google said that the most severe vulnerability could allow for remote code execution when processing media files.
In total April’s update patches eight critical vulnerabilities, 26 high level threats and 14 minor bugs. But the good news is that there are no reports of these bugs being actively exploited in the wild.
Vulnerability Fixes
Google said that it dividing the update into two sections, to patch level strings so that OEMS have a choice as to which level to apply depending on their schedule constraints.
The partial security patch for example contains the patch for the critical vulnerability, as well as six are marked as high, and five marked as moderate.
The full security patch level contains all of those patches as well as patches for eight critical, 26 high and 14 moderate vulnerabilities.
“We encourage all customers to accept these updates to their devices,” Google said.
Regarding the critical security vulnerability that could allow remote code execution on an affected device, this would have to happen via a number of ways such as email, web browsing, and MMS when processing media files.
At the same time Google has also rolled out its Android 7.1.2 Nougat update.
Google of course makes no secret of the fact that it pays independent security researchers and ‘white hat’ hackers large sums of cash as rewards for spotting security vulnerabilities in its bug bounty programme.