Android Security Bulletin: Everything you need to know!
Fixing the latest bugs and exploits in Android every month.
Google has detailed the latest Android Security Bulletin and released the fixes for Nexus and Pixel devices.
These are exploits and other security concerns that affect Android as a whole. Issues with the operating system, kernel patches, and driver updates may not affect any particular device, but these need to be fixed in the Android base by the folks maintaining the operating system code. That means Google, and they’ve detailed the things they have improved for this month.
Updated factory images for Pixel and Nexus devices that are supported are available, and over-the-air updates are rolling out to users. If you don’t want to wait, you can download and flash the factory image or OTA update file manually, and here are some handy instructions to get you started.
How to manually update your Nexus or Pixel
The company that made your phone uses these patches to send an update out to you.
These changes have been released to the people making Android phones for at least 30 days, but Google can’t force anyone to deliver them to you. If you’re using a phone from Samsung, LG, or anyone besides Google, you’ll need to wait for them to send an update and shouldn’t try to flash any of the above files.
Of course, Google has safety checks in place to prevent any problems on your phone because of any security exploits. Verify Apps and SafetyNet are at work anytime you add an app to your phone, and seamless updates to Google Play Services will keep them up to date regardless of any hold up from a manufacturer or carrier. Details and incident numbers can be found in the yearly Android Security Review (.pdf file).
Highlights for July 2018
July 2018’s update comes with two patch dates: 07/01/2018 and 07/05/2018.
- The same as every month, the Android Media Framework sees patches to prevent the latest exploits. This time several escalation of privilege attacks and a denial of service exploit have been patched.
- Qualcomm has patched a slew of issues, both open source and closed, that address issues for phones using its hardware.
- Google also patched a Pixel-specific issue to improve Wi-Fi reception with specific routers. That can be seen here.
Previous bulletin highlights
Here are summaries and highlights of recent patches from the monthly Android Security Bulletin. As with the current bulletin, these issues were also mitigated by Google’s Verify Apps, Safety Net, and seamless updates to Google Play Services.
Highlights for June 2018
June 2018’s update comes with two patch dates: 06/01/2018 and 06/05/2018.
- Once again the Android Media Framework sees patches to prevent the latest exploits from gaining elevated privileges, as does the Application Framework.
- LG, Qualcomm, MediaTek, and NVIDIA all provide important fixes for their assorted binaries across all devices, and critical issues with the bootloader were patched by Qualcomm and LG.
- Google also patched a number of Nexus and Pixel-specific issues in this month’s bulletin as well as made usability tweaks for those devices. Those can be seen here.
Highlights for May 2018
May 2018’s update comes with two patch dates: 05/01/2018 and 05/05/2018.
- The most severe issues addressed are in the Android runtime and Media framework, and would allow a remote user to gain elevated privileges if not fixed.
- Qualcomm and NVIDIA both provide important fixes for their assorted binaries across all devices, and Qualcomm has addressed a critical bug in the WLAN driver of their chips.
- Google also patched a number of Nexus and Pixel-specific issues in this month’s bulletin, which can be seen here.
Archives of all previous Android Security Bulletins are available at the Android Security website.
See the Android Security website for details on all bulletins
Updated July 2018: Google has detailed the latest Android Security Bulletin and released July 2018 security updates for Pixel devices.