Google has made its monthly security patches available to select Android devices.
September’s patches plug a significant number of security holes that threaten most Android devices. Google found dozens of vulnerabilities, including a number of which classified as critical, or able to remotely execute code. Some of problems are related to specific hardware and the associated software drivers that control them, such as components from MediaTek, Qualcomm, and Broadcom.
Other vulnerabilities impact the kernel, system, and media framework directly. Google is pushing two separate patches to cover these problems, one dated September 1 and the second dated September 5. Google said the Pixel, Pixel XL, Pixel C, Nexus Player, Nexus 5X, and Nexus 6P devices will receive the September security patches as part of the upgrade to Android 8 Oreo.
Google has already posted factory images for download from its web site. Google’s handsets will receive both patches in a single download. As far as Google is aware, none of these security holes have been exploited by hackers or other entities. Google has already given the patches to its device-maker partners.
Phone manufacturers are responsible for updating their own smartphones with the patches.
