Google has started rolling out the May security patches for its Pixel and Nexus lineup of smartphones. The patch fixes a number of bugs and vulnerabilities in the system and in its May security bulletin, Google describes a “critical security vulnerability" that the patch fixes. This vulnerability could enable remote code execution on an affected device through multiple methods such as email, web browsing, and MMS when processing media files. However, the company notes that they have had no reports of active customer exploitation or abuse of these newly reported issues.
Google notes that partners were notified of the issues and source code patches for the same have been released to the Android Open Source Project. The updates should be available to Pixel and Nexus devices via an OTA update.
Last week, Google announced that its last lineup of Nexus devices, the Nexus 6P and Nexus 5X, will receive security updates till September 2018, while software updates will only be available till September 2017. The company’s new Pixel devices on the other hand will get security updates till October 2019, while its last major software update will be available till October next year, which will most likely be Android P.