Friday , December 14 2018 Ausdroid » Software » Android, Modding & Updates » June security update for Nexus devices is now live – OTA’s, Factory images and of course a security bulletin

Nexus Logo
It’s June, so as we’ve seen every month since Google announced they would be announcing monthly security vulnerabilities and releasing patches for them, Google has released their monthly security blog, as well as updated the factory images for supported Nexus devices and also added OTA files for them as well.

The factory images can be flashed onto your device, but you may want to check out the OTA updates which are probably a bit easier and integrate with your phone or tablet a little easier. The Nexus Player, Nexus 5, Nexus 6, Nexus 7 (Wi-Fi & GSM) and Nexus 9 (Wi-Fi & LTE) all are on build MOB30M, while the Nexus 5X and 6P are on MTC19V. The Pixel C stands alone with build number MXC89H.

The list of vulnerabilities this month include 21 issues with sub-issues listed by their Common Vulnerability and Exposures ID (CVE), in all there are six critical, eleven high and four moderate issues to report this month. Google has laid them out in a nice table in their security blog, or you can see them here:

Issue CVE Severity Affects Nexus?
Remote Code Execution Vulnerability in Mediaserver CVE-2016-2463 Critical Yes
Remote Code Execution Vulnerabilities in libwebm CVE-2016-2464 Critical Yes
Elevation of Privilege Vulnerability in Qualcomm Video Driver CVE-2016-2465 Critical Yes
Elevation of Privilege Vulnerability in Qualcomm Sound Driver CVE-2016-2466
CVE-2016-2467
Critical Yes
Elevation of Privilege Vulnerability in Qualcomm GPU Driver CVE-2016-2468
CVE-2016-2062
Critical Yes
Elevation of Privilege Vulnerability in Qualcomm Wi-Fi Driver CVE-2016-2474 Critical Yes
Elevation of Privilege Vulnerability in Broadcom Wi-Fi Driver CVE-2016-2475 High Yes
Elevation of Privilege Vulnerability in Qualcomm Sound Driver CVE-2016-2066
CVE-2016-2469
High Yes
Elevation of Privilege Vulnerability in Mediaserver CVE-2016-2476
CVE-2016-2477
CVE-2016-2478
CVE-2016-2479
CVE-2016-2480
CVE-2016-2481
CVE-2016-2482
CVE-2016-2483
CVE-2016-2484
CVE-2016-2485
CVE-2016-2486
CVE-2016-2487
High Yes
Elevation of Privilege Vulnerability in Qualcomm Camera Driver CVE-2016-2061
CVE-2016-2488
High Yes
Elevation of Privilege Vulnerability in Qualcomm Video Driver CVE-2016-2489 High Yes
Elevation of Privilege Vulnerability in NVIDIA Camera Driver CVE-2016-2490
CVE-2016-2491
High Yes
Elevation of Privilege Vulnerability in Qualcomm Wi-Fi Driver CVE-2016-2470
CVE-2016-2471
CVE-2016-2472
CVE-2016-2473
High Yes
Elevation of Privilege Vulnerability in MediaTek Power Management Driver CVE-2016-2492 High Yes
Elevation of Privilege Vulnerability in SD Card Emulation Layer CVE-2016-2494 High Yes
Elevation of Privilege Vulnerability in Broadcom Wi-Fi Driver CVE-2016-2493 High Yes
Remote Denial of Service Vulnerability in Mediaserver CVE-2016-2495 High Yes
Elevation of Privilege Vulnerability in Framework UI CVE-2016-2496 Moderate Yes
Information Disclosure Vulnerability in Qualcomm Wi-Fi Driver CVE-2016-2498 Moderate Yes
Information Disclosure Vulnerability in Mediaserver CVE-2016-2499 Moderate Yes
Information Disclosure Vulnerability in Activity Manager CVE-2016-2500 Moderate Yes

You can get the OTA files or Factory images from the Nexus developer page, but remember you’ll have to accept the terms and conditions for use before you can jump in there.

Source: Nexus Security Bulletin, Nexus OTA, and Nexus Factory Images.

Daniel Tyson   Ausdroid's Editor in Chief

Dan is a die-hard Android fan. Some might even call him a lunatic. He's been an Android user since Android was a thing, and if there's a phone that's run Android, chances are he owns it (his Nexus collection is second-to-none) or has used it.

Dan's dedication to Ausdroid is without question, and he has represented us at some of the biggest international events in our industry including Google I/O, Mobile World Congress, CES and IFA.

6
Join the Ausdroid Conversation

avatar
4 Comment threads
2 Thread replies
0 Followers
 
Most reacted comment
Hottest comment thread
6 Comment authors
AppleDeFekTorMattBrinMichael Ccraigo Recent comment authors
  Subscribe  
newest oldest most voted
Notify of
AppleDeFekTor
Guest
AppleDeFekTor

Just downloaded june security update S7 on Vodafone, previously was February came installed on it

Matt
Ausdroid Reader
Matt

I still haven’t installed the last one. Yup.. left that notification sitting there for the last ~ 3 weeks now.

craigo
Guest

Looking forward to Android N no longer needing to check each app after the security update. With over 100 apps on my phone, it renders my phone unusable for almost an hour.

Anthony Maniatopoulos
Ausdroid Reader

You know what’s funny, for the first time my Vodafone s7 edge had this Android security update since Saturday, 3 days before the nexus. Didn’t think it was possible.

Michael C
Guest
Michael C

It was probably a previous month update.

Brinly Taylor
Ausdroid Reader

It’s possible, partners get Android security patches early 🙂

I know. I work for a Android oem :P, no ama sorry.

Check Also

Harvey Norman discounts Pixel 3, Pixel 3 XL, Pixel Stand and official cases by 10% – today only

If you’re looking for a deal on the Pixel 3, Pixel 3 XL or even …