Monday, August 7, 2017

Android Security Bulletin Released for August 2017; Security Update Rolling Out to Supported Google Devices

Habitually right on schedule, Google has released the Android Security Bulletin for this month along with updated security patches for recently discovered vulnerabilities. This month's security update includes fixes for a wide range of vulnerabilities ranging from critical to low vulnerability levels

Google has again provided two security patch level strings to make it easier for OEMs to fix common vulnerabilities across the Android platform. Security patch level 2017-08-01 (partial) ensures that all vulnerabilities up to the 2017-08-01 date have been addressed, while security patch string 2016-08-05 (complete) indicates that all issues up to the 2017-08-05 date have been fixed. An overview of the particular vulnerabilities that have been patched has been detailed in the announcement post.

Google lists the most severe of the patched vulnerabilities under several headers:

  • Framework; Media Framework; Kernel Components; Mediatek Components; Qualcomm Components: The most severe vulnerabilities in these sections could enable a local malicious application using specially crafted files to execute arbitrary code within the context of a privileged process.
  • Libraries; Broadcom Components: The most severe vulnerabilities in these sections could enable a remote attacker using specially crafted files to execute arbitrary code within the context of an unprivileged process.

Source code patches for these issues will be released to the Android Open Source Project (AOSP) repository in the next 48 hours.

As usual, OTA updates will be rolled out to the Pixel devices and supported Nexus devices in the coming weeks. Meanwhile, the factory images and full OTAs are also available from the Android Developers site if you want to flash them manually.

Links for the factory images and full OTA's for Pixel and Nexus devices are given below for your convenience. We advise you to confirm that you are flashing the build intended for your device only.

Device (Codename) Build Version Factory Image Full OTA Image
Pixel XL (marlin) NJH47F Link Link
Pixel XL – T-Mobile, Fi carriers, and Rogers NKG47S Link Link
Pixel XL – Deutsche Telekom NZH54D Link Link
Pixel XL – Verizon NHG47Q Link Link
Pixel (sailfish) NJH47F Link Link
Pixel – T-Mobile, Fi carriers, and Rogers NKG47S Link Link
Pixel – Deutsche Telekom NZH54D Link Link
Pixel – Verizon NHG47Q Link Link
Pixel C (ryu) N2G48C Link Link
Nexus 6P (angler) N2G48C Link Link
Nexus 5X (bullhead) N2G48C Link Link
Nexus 6 (shamu) N8I11B Link Link
Nexus Player (fugu) N2G48C Link Link
Nexus 9 LTE (volantisg) N4F27K Link Link
Nexus 9 WiFi (volantis) N9F27H Link Link

Have you flashed the latest update? Let us know your experience with the new update in the comments below!

Source: Android Security Bulletin



from xda-developers http://ift.tt/2hD7afL
via IFTTT

No comments:

Post a Comment