Google’s May Security Patch is Rolling Out – Download Factory Images for Nexus Devices Here

Google has officially released the security patch for the month of May which will be rolling out first to Nexus devices then to other smartphones as more and more manufacturers get their hands on the new update to build it for their handsets.

In addition to the usual security fixes and bug patches, Google announced that they are renaming their bulletin board to the Android Security Board to better suite the fact that these updates not only roll out to Nexus phones and tablets but to Android devices in general regardless of whether issues fixed in the builds affect a Nexus or not.

In total, 24 issues have been fixed in the latest security patch, with the most severe being one that could enable remote code execution on an affected device through multiple methods such as email, web browsing, and MMS when processing media files.

Here’s the full list of bugs fixed and security flaws patched listed on this month’s bulletin board:

To get this new update on your device right now, you must have a Nexus device and a) wait for the patch to reach you via OTA or b) flash it manually using one of the factory images below. I must warn you that this will erase all data on your phone/tablet, so be sure to make a backup first of anything important.

• Pixel C
• Nexus 6P
• Nexus 5X
• Nexus 6
• Nexus Player
• Nexus 9 (LTE)
• Nexus 9 (Wi-Fi)
• Nexus 5
• Nexus 7 2013 (Wi-Fi)
• Nexus 7 2013 (Mobile)

Google has provided users with a guide on how to flash the image to your device. As I don’t currently have one personally, I thought I’d add Google’s to this report for reference.

Flashing Instructions

To flash a device using one of the system images below (or one of your own), you need the latest fastboot tool. You can get it from one of the sources below.

• From a compiled version of the Android Open Source Project.
• From the platform-tools/ directory in the Android SDK. Be sure that you have the latest version of the Android SDK Platform-tools from the SDK Manager.

Once you have the fastboot tool, add it to your PATH environment variable (the flash-all script below must be able to find it). Also be certain that you’ve set up USB access for your device, as described in the Using Hardware Devicesguide.

Caution: Flashing a new system image deletes all user data. Be certain to first backup any personal data such as photos.

To flash a system image:

1. Download the appropriate system image for your device below, then unzip it to a safe directory.
2. Connect your device to your computer over USB.
3. Start the device in fastboot mode with one of the following methods:
   • Using the adb tool: With the device powered on, execute:

     adb reboot bootloader

   • Using a key combo: Turn the device off, then turn it on and immediately hold down the relevant key combination for your device. For example, to put a Nexus 5 (“hammerhead”) into fastboot mode, press and hold Volume Up + Volume Down + Power as the device begins booting up.
4. If necessary, unlock the device’s bootloader by running:

   fastboot flashing unlock

   or, for older devices, running:

   fastboot oem unlock

   The target device will show you a confirmation screen. (This erases all data on the target device.)

5. Open a terminal and navigate to the unzipped system image directory.
6. Execute the flash-all script. This script installs the necessary bootloader, baseband firmware(s), and operating system.

Once the script finishes, your device reboots. You should now lock the bootloader for security:

1. Start the device in fastboot mode again, as described above.
2. Execute:

   fastboot flashing lock

   or, for older devices, running:

   fastboot oem lock

Locking bootloader will wipe the data on some devices. After locking the bootloader, if you want to flash the device again, you must run fastboot oem unlock again, which will wipe the data.

Have you received May’s security patch yet on your Nexus device? Let us know in the comments!