Google Rolls Out May Android Security Update for Nexus Devices

Google Rolls Out May Android Security Update for Nexus Devices
Highlights
  • Google has renamed Nexus Security Bulletin to Android Security Bulletin.
  • The May update patches six vulnerabilities that are flagged as critical.
  • Google also released the latest Nexus firmware images.
Advertisement
Google, as expected, has released its monthly security update for its Nexus range of the devices. Apart from the monthly security update, Google has also released the latest Nexus factory images on the developer site.

The company says that the source code patches for the new issues will be released to the Android Open Source Project (AOSP) repository over the next 48 hours. Google notes that partner OEMs were notified about the issues described in the May bulletin on April 4. One of the most severe of these issues was a critical security vulnerability that could enable remote code execution on an affected device through multiple methods (including email, web browsing, and MMS when processing media files).

According to Google, the latest build MTC19T is available for the Nexus 6P and Nexus 5X; the MOB30I build is available for the Nexus 6, MOB30G Nexus Player, Nexus 9, Nexus 9 LTE;  MOB30H for the Nexus 5; MOB30J for the Nexus 7 (2013) and Nexus 7 3G, and MXC89F for the Pixel C. Users can manually download and flash the zip update file for the Nexus devices from Google's Nexus Factory Images page.

One of the most notable changes announced with May security bulletin was that Google renamed the bulletin (and all following in the series) to the Android Security Bulletin. Previously it was dubbed Nexus Security bulletin. Google says, "These bulletins encompass a broader range of vulnerabilities that may affect Android devices, even if they do not affect Nexus devices."

Google also updated the Android Security severity ratings which are based on the result of data collected over the last six months on reported security vulnerabilities. The bulletin says that there were no reports of active customer exploitation or abuse of these newly reported issues.

The latest May update patches six vulnerabilities that have been flagged as "critical" by Google, and 12 vulnerabilities that fall on the spectrum of "high" severity. The company has also listed six "moderate" security glitches that have also been resolved.

The critical security vulnerabilities fixed in the update by Google include remote code execution vulnerability in mediaserver, which if left untreated could allow an attacker to cause memory corruption and remote code execution as the mediaserver process.

Other vulnerabilities such as elevation of privilege vulnerability in debuggerd, elevation of privilege vulnerability in Qualcomm TrustZone, and elevation of privilege vulnerability in Qualcomm Wi-Fi driver, and elevation of privilege vulnerability in NVIDIA video driver can lead to the possibility of a local permanent device compromise, which may require re-flashing the operating system to repair the device.

Comments

For the latest tech news and reviews, follow Gadgets 360 on X, Facebook, WhatsApp, Threads and Google News. For the latest videos on gadgets and tech, subscribe to our YouTube channel. If you want to know everything about top influencers, follow our in-house Who'sThat360 on Instagram and YouTube.

Ketan Pratap
Ketan Pratap is the editor at Gadgets 360 - with over 12 years of experience covering the technology domain. With a breadth and depth of knowledge in the field, he's done extensive work across news, features, reviews, and opinion pieces. But what's truly inspiring about Ketan is how he spends his free time. He's often found gazing at snow-capped mountains from over 20,000 feet while sitting on the hood of his car, taking in the breathtaking beauty of nature. His passion for the great ...More
Uber Paytm Tie-Up Will Let You Pay for an NYC Cab in Rupees
Burrp Gets a Material Design Makeover, Adds Offers and Events to Home Screen
Share on Facebook Gadgets360 Twitter Share Tweet Snapchat Share Reddit Comment google-newsGoogle News
 
 

Advertisement

Follow Us

Advertisement

© Copyright Red Pixels Ventures Limited 2024. All rights reserved.
Trending Products »
Latest Tech News »