Good news if you have an Android device, as Android just released a new Android Security Bulletin for February. This new update will come with 58 patches, but only Nexus devices will be getting this update right now.
Android Brings 58 Patches to New Security Bulletin
There will be 58 patches in the new Android Security Bulletin for February, but for right now only Nexus owners will be getting this update. If you have any other Android device other than the Nexus, you will need to wait a little while to get this new security update. The good news here is that there are 58 different bugs and vulnerabilities that are fixed in the February Android Security Bulletin.
There are a ton of things being fixed in this February Android Security Bulletin, but most of the things being fixed have to deal with the Stagefright vulnerability. This vulnerability has been around since 2015, and it has been a constant problem for Android and Google ever since. There are two very critical remote code execution bugs that this update is focused on. CVE-2017-0406 and CVE-2017-0407 are the two main bugs that are being fixed from the Mediaserver issue. These bugs can end up corrupting the memory and this could lead to a remote code execution.
Another couple patches that have to deal with Stagefright include CVE-2017-0409 and CVE-2017-0415. These are both high-severity vulnerabilities and have to deal with the remote code of libstagefright library and privilege escalation bugs within the mediaserver.
There are other bugs and vulnerabilities as well that were fixed in this update, with one being the Qualcomm crypto driver vulnerability. The other is a privilege escalation vulnerability that is within the NVIDIA GPU that runs in Nexus 9 devices. Another issue fixed is the privilege escalation vulnerability in the kernel file, which could actually brick your Android device. A patch was also put out for the Broadcom Wi-Fi Driver and another fix for the Qualcomm driver bugs. There was also an issue with the kernel networking that was fixed, which also could lead to your Android device being bricked. Out of the 58 fixes in the February Android Security Bulletin, 19 of them have to deal with the Qualcomm drivers. Out of those 19 bugs and fixes, only two of them are considered critical, which is good news.
You will be able to get this update now through the over-the-air update option if you have an Android Google Nexus device. For everyone else with an Android device, you will likely have to wait another few weeks if not a little longer for this update to hit your Android device. The reason being is that a lot of the vulnerabilities that are fixed in this update have to deal with the Nexus device specifically. There are updates in the February Android Security Bulletin for other Android devices, but most of those are low-risk and the critical or high-risk vulnerabilities seem to really be on the Nexus devices.
If your device is setup for over-the-air updates, you should see the update now or within the next couple days if you have an Android Nexus device. You also can go online and get the update without waiting for the over-the-air update option. Either way, if you own a Nexus device, you should really download this update as soon as you can due to the high-risk vulnerabilities that are fixed with this update.