Renamed Android Security Bulletin now lists vulnerabilities for all devices, May security patch for Nexus rolling out


Like last month’s, the May security patch for Nexus devices is full of fixes across the board. This month’s bulletin includes several procedural changes that expand the security bulletin to list vulnerabilities for all Android devices.

Spurred by Stagefright last August, Google began issuing monthly security patches for its Nexus devices and many OEM partners did the same. Google is now renaming its monthly advisories to the Android Security Bulletin to “encompass a broader range of vulnerabilities that may affect Android devices.” Additionally, severity ratings have been updated to align them more closely with real world impact to users.

The security bulletin now lists whether a vulnerability affects a Nexus device. Save for one, 24 Nexus vulnerabilities were identified and patched up in this May’s update. The most severe of these issues is a critical security vulnerability that could enable remote code execution when processing media files.

It usually takes about a week for the update to start rolling out. Those who don’t want to wait for the OTA can download the factory images below:

If you need help flashing factory images, check out our guide here. Keep in mind that flashing your device will wipe any data on it. For most users, this is not worth the hassle and waiting for the OTA is the wiser option.

FTC: We use income earning auto affiliate links. More.

You’re reading 9to5Google — experts who break news about Google and its surrounding ecosystem, day after day. Be sure to check out our homepage for all the latest news, and follow 9to5Google on Twitter, Facebook, and LinkedIn to stay in the loop. Don’t know where to start? Check out our exclusive stories, reviews, how-tos, and subscribe to our YouTube channel



Avatar for Abner Li Abner Li

Editor-in-chief. Interested in the minutiae of Google and Alphabet. Tips/talk: