family, which eliminated around 16 vulnerabilities in Android OS. The update is
part of the google’s security policy in which company will release a security
update every month to make its Nexus devices more secure.
latest monthly update, one of the critical flaw could lead to permanent device
compromise. Which can only be fixed by reflashing the entire OS. Apart from fixing
this critical vulnerability , latest update eliminated three other highly
critical vulnerabilities according to an official
announcement on google groups.
back in August and the company has received pretty warm feedback from its Nexus
users. This is the fifth security patch and so far more than 15 critical
vulnerabilities has been fixed in Nexus devices since the start of August.
Google in this latest update:
Mediaserver – (CVE-2015-6616)
corruption and remote code execution as the mediaserver process.
processing a specially crafted media file, that could lead to memory corruption
and remote code execution in a privileged process.
could enable a local malicious application to execute arbitrary code within the
device root context.
Driver – (CVE-2015-6633,CVE-2015-6634)
processing a media file, could cause memory corruption and potential arbitrary
code execution in the context of the user mode driver loaded by mediaserver.
rated as highly seavere and only two are rated as Moderate. The updates are
currently only available for Nexus users, but other Android users (Samsung,LG,Black
Berry) will receive the updates in few days.