Google specially released this update for Nexus devices on Monday; these updates are the monthly quota patch cycle which is only for Google’s Nexus devices with Android 5.1 (Lollipop) and 6.0 (Marshmallow).
Within 48 hours, the open source code will be available for this update so that other smartphone brands can also supply the same update to their devices; Google will add the fixed vulnerability update source code to the Android Open Source Project(AOSP) in the next 48 hours.
As per Google’s release update, two of the vulnerability are said to be the most dangerous vulnerability, which are significant security flaws patched in the release of the update and tracked as CVE-2015-6608 and CVE-2015-6609.
The infected flaws are connected with media files, and these flaws are located in the media server. They can rebuild the Android component; in simple terms, both the flaws can control media files and the whole system.
Google Fixes Two Critical Vulnerability In Nexus Update
This types of vulnerability are some case of serious in that if flaws are not fixed, hackers to breach the device can be found in multiple ways, such as by sending MMS messages and fooling users into playing media in the browser. These types of security flaws are very dangerous for users.
The Android playback media component has been compromised. Still, with the security patched by Google, they have managed to rectify the problem with a solution patch update, earlier another security bug become popular named Stagefright which is a vulnerability in the library, marks other smartphone makers very seriously soon after the bug was revealed, the manufacturer and service support provider release security update to every Android devices since then every month security update were released for Android.
Among seven security flaws, two of them have been discussed above, but another five flaws are a media server, libstagefright, and lib media; all of these come under the media processing unit, and the next two flaws are in the Bluetooth and Telephony component which are little be serious but now have been patched by this update.
Google explains what is the current condition for all Android devices always regarding vulnerability coming forward; Google, of its serious evaluation, doesn’t consider the alleviations that can make misusing such defects more troublesome.
They incorporate the Verify Apps and SafetyNet administrations that screen for conceivably destructive applications, crippling programmed media preparation in applications like Google Hangouts and Messenger, and hostile to misuse procedures present in more recent adaptations of Android.