Google has launched a new batch of fixes for Android M, addressing vulnerabilities that could allow attackers to compromise the Android devices.
Earlier this year, the search and mobile company said it will release monthly security patches to make sure that devices are protected against the latest security flaws. Google released its fifth monthly release so far for all Nexus devices. Firmware updates are being rolled out as an over-the-air update and the patches will be added the Android Open Source Project (AOSP) very soon.
The search engine giant said the most severe bugs (CVE-2015-6619) is rated at the highest critical level because of the possibility of an irreversible device damage that could only be repaired by reflashing the Android software. This particular bug affects all versions of Android and was reported earlier this year. It could allow an attacker to remotely run code by exploiting a flaw in the system kernel.
Other critical bugs are related to media file processing. One of the bulletins (CVE-2015-6616) stated that an attacker could be allowed to remotely run malware, which could be triggered by sending an MMS with a specially-crafted media file to an affected device, leading to memory corruption.
It also include highly-rated vulnerabilities target flaws in Bluetooth, the media processing service, audio file processing, and how Android handles Wi-Fi, ZDNet reported.
Nexus devices will get the security updates first. Android manufacturers such as Samsung, LG, and BlackBerry will follow shortly.
Google recommends that users of older Android versions update to the latest one, according to PC World. The latest versions of Android have security enhancements in place that can make exploitation of some vulnerabilities harder or impossible.
In addition, security team of Google is using features such as Verify Apps and SafetyNet to monitor for and block potentially harmful applications.