Google announced May security patches for its last lineup of Nexus gadgets, the Nexus 6P and Nexus 5X and Pixel. Those smartphones will receive security updates until September 2018, while application updates will apply only to available until September 2017. The corporations of Pixel instruments, on the other hand, will get security updates until October 2019, at the same time its final software update might be on hand until October next year.
Google partners have notified for the problems and supply source code patches were launched to the Android Open Source Project. The Google device firmware image have additionally released to the Google Developer site. The updates must be on hand to Pixel and Nexus device trough OTA update.
Essentially the most extreme of these issues is a critical security vulnerability that could enable remote code execution on an affected device through multiple methods such as e-mail, web browser, and MMS when processing media records. The severity comparison founded on the result that exploiting the vulnerability would most likely have on an affected device, assuming the platform and repair mitigations are disabled for development purposes or if efficiently bypassed.
However, Craig younger – Computer Security Expert for Tripwire's Vulnerability and Exposures study staff, still curious if the mitigations pushed via Google in the Android 7.0 release will stop an attacker.
“Google does note that the impact is determined based on the assumption that reductions are disabled or have successfully bypassed, but this is not as helpful as it could be. It would be nice to see Google release more detailed bulletins indicating the impact of various vulnerabilities specifically to the different Android versions. Until recently, Microsoft provided this level of detail in their bulletins, and it was helpful for highlighting the security advantages of keeping up with the latest Windows version and not just the most recent patch level,” he mentioned.