Monday, February 6, 2017

Android Security Bulletin Released for February 2017

Following last month's bulletin, Google has released the second battery of security updates for supported devices. OTAs for those devices can be expected to roll out within the next few days.

Similar to January's security patches, this month's update provides fixes for several remote code execution vulnerabilities, as well as several privilege elevation vulnerabilities and some compromised aspects of certain Qualcomm components. The most worrisome problem that this bulletin has dealt with was a remote code execution vulnerability at the kernel level of Qualcomm's cryptography driver, as well as a similar privilege elevation vulnerability with a generic Android kernel. The latter impacted every Nexus and Pixel device since the 5X, as well as all Android One devices. Other less-critical issues like Bluetooth and Nvidia driver vulnerabilities have also been dealt with in this update.

Blackberry has entered the fray again this month and also provided a security bulletin which similarly patches a handful of critical privilege elevation and remote code execution vulnerabilities in Blackberry's Android devices. Priv owners will be happy to know that Blackberry has indeed included all of the vulnerability fixes mentioned in Google's February Android Security Bulletin.

Installation

Blackberry has not yet chosen to release factory images or OTAs for download, but users can of course visit Settings>About Phone and should find a February 5th, 2017 security patch available for download.

For Google devices, updates can be found below.

All updates for the devices above can be found and verified here, for those of you who prefer to verify MD5s before flashing anything.

Source: http://ift.tt/2kA7V7e



from xda-developers http://ift.tt/2lhTDI6
via IFTTT

No comments:

Post a Comment