Google has begun to roll out their monthly security patch to Nexus devices along with the Pixel C, with this update being built for the month of March 2016. According to the March security bulletin board, there are 16 fixes made to the software ranging from moderate to critical in severity. These bugs and issues were discovered by the Android and Chrome security teams alongside other independent researchers.
Here’s a rundown of all the bugs fixed in this month’s security patch:
Remote Code Execution Vulnerability in Mediaserver
Remote Code Execution Vulnerabilities in libvpx
Elevation of Privilege in Conscrypt
Elevation of Privilege Vulnerability in the Qualcomm
Elevation of Privilege Vulnerability in MediaTek Wi-Fi Driver
Elevation of Privilege Vulnerability in Keyring Component
Mitigation Bypass Vulnerability in the Kernel
Elevation of Privilege in MediaTek Connectivity Driver
Information Disclosure Vulnerability in Kernel
Information Disclosure Vulnerability in libstagefright
Information Disclosure Vulnerability in Widevine
Elevation of Privilege Vulnerability in Mediaserver
Information Disclosure Vulnerability in Mediaserver
Remote Denial of Service Vulnerability in Bluetooth
Information Disclosure Vulnerability in Telephony
Elevation of Privilege Vulnerability in Setup Wizard
Normally, you can expect the patch to hit your device in about a week, however if you’re impatient, you can download the appropriate factory image for your device you can flash manually.
From the platform-tools/ directory in the Android SDK. Be sure that you have the latest version of the Android SDK Platform-tools from the SDK Manager.
Once you have the fastboot tool, add it to your PATH environment variable (the flash-all script below must be able to find it). Also be certain that you’ve set up USB access for your device, as described in the Using Hardware Devicesguide.
Caution: Flashing a new system image deletes all user data. Be certain to first backup any personal data such as photos.
To flash a system image:
Download the appropriate system image for your device below, then unzip it to a safe directory.
Connect your device to your computer over USB.
Start the device in fastboot mode with one of the following methods:
Using the adb tool: With the device powered on, execute:
adb reboot bootloader
Using a key combo: Turn the device off, then turn it on and immediately hold down the relevant key combination for your device. For example, to put a Nexus 5 (“hammerhead”) into fastboot mode, press and hold Volume Up + Volume Down + Power as the device begins booting up.
If necessary, unlock the device’s bootloader by running:
fastboot flashing unlock
or, for older devices, running:
fastboot oem unlock
The target device will show you a confirmation screen. (This erases all data on the target device.)
Open a terminal and navigate to the unzipped system image directory.
Execute the flash-all script. This script installs the necessary bootloader, baseband firmware(s), and operating system.
Once the script finishes, your device reboots. You should now lock the bootloader for security:
Start the device in fastboot mode again, as described above.
fastboot flashing lock
or, for older devices, running:
fastboot oem lock
Locking bootloader will wipe the data on some devices. After locking the bootloader, if you want to flash the device again, you must run fastboot oem unlock again, which will wipe the data.
Have you received the security patch yet for March on your Nexus device? Let us know in the comments!