Android Security Bulletin Released for February 2017
Similar to January’s security patches, this month’s update provides fixes for several remote code execution vulnerabilities, as well as several privilege elevation vulnerabilities and some compromised aspects of certain Qualcomm components. The most worrisome problem that this bulletin has dealt with was a remote code execution vulnerability at the kernel level of Qualcomm’s cryptography driver, as well as a similar privilege elevation vulnerability with a generic Android kernel. The latter impacted every Nexus and Pixel device since the 5X, as well as all Android One devices. Other less-critical issues like Bluetooth and Nvidia driver vulnerabilities have also been dealt with in this update.
Blackberry has entered the fray again this month and also provided a security bulletin which similarly patches a handful of critical privilege elevation and remote code execution vulnerabilities in Blackberry’s Android devices. Priv owners will be happy to know that Blackberry has indeed included all of the vulnerability fixes mentioned in Google’s February Android Security Bulletin.
Blackberry has not yet chosen to release factory images or OTAs for download, but users can of course visit Settings>About Phone and should find a February 5th, 2017 security patch available for download.
For Google devices, updates can be found below.
- Pixel XL
- Pixel XL (Rogers only)
- Pixel (Rogers only)
- Pixel C
- Nexus 6P
- Nexus 6P (Verizon only)
- Nexus 5X
- Nexus 6 (7.1.1)
- Nexus 6 (7.0.0)
- Nexus 6 (7.0.0, ATT only)
- Nexus Player
- Nexus 9 (LTE)
- Nexus 9 (WiFi)
All updates for the devices above can be found and verified here, for those of you who prefer to verify MD5s before flashing anything.
Want more posts like this delivered to your inbox? Enter your email to be subscribed to our newsletter.