Google release Factory Images for Nexus Devices with February 2016 Security updates

Earlier today BlackBerry rolled out an update for the BlackBerry Priv which contained Google’s February 2016 Security updates.

Google have now released factory images with the same February security patch for Nexus devices.

You can now download the latest factory image from Google and flash it yourself.

The update is still Android 6.0.1, but carries a different version number depending which phone or tablet you are using.

 

The update is available for:

  • Nexus 5
  • Nexus 5X
  • Nexus 6P
  • Nexus 6
  • Nexus Player
  • Nexus 7
  • Nexus 9

The most severe of these issues is a Critical security vulnerability that could enable remote code execution on an affected device through multiple methods such as email, web browsing, and MMS when processing media files.

The Remote Code Execution Vulnerability in Broadcom’s Wi-Fi driver is also Critical severity as it could allow remote code execution on an affected device while connected to the same network as the attacker.

Security Vulnerability Summary
[table style=”table-striped”]

Issue CVE Severity
Remote Code Execution Vulnerability in Broadcom Wi-Fi Driver CVE-2016-0801
CVE-2016-0802
Critical
Remote Code Execution Vulnerability in Mediaserver CVE-2016-0803
CVE-2016-0804
Critical
Elevation of Privilege Vulnerability in Qualcomm Performance Module CVE-2016-0805 Critical
Elevation of Privilege Vulnerability in Qualcomm Wi-Fi Driver CVE-2016-0806 Critical
Elevation of Privilege Vulnerability in the Debugger Daemon CVE-2016-0807 Critical
Denial of Service Vulnerability in Minikin CVE-2016-0808 High
Elevation of Privilege Vulnerability in Wi-Fi CVE-2016-0809 High
Elevation of Privilege Vulnerability in Mediaserver CVE-2016-0810 High
Information Disclosure Vulnerability in libmediaplayerservice CVE-2016-0811 High
Elevation of Privilege Vulnerability in Setup Wizard CVE-2016-0812
CVE-2016-0813
Moderate

[/table]
You can check out full details of the Security Bulletin February 2016 here.