Last year Google introduced monthly security patches to Nexus devices which aim to keep all supported Nexus smartphones and tablets updated with the latest security fixes. Just a little bit earlier this morning Google began releasing the factory images for Nexus devices, and as of now Google has also released the March security bulletin for Nexus devices which contains the details of the changelog. This will allow users to keep informed on which bugs and any other security issues have been fixed with this most recent patch, and which ones they may still be waiting on a fix for, if any.
As of today’s security update which has likely not hit many devices over the air, Google has fixed a total of sixteen issues, six of which were critical issues. The critical issues include a Remote Code Execution Vulnerability in media server, a Remote Code Execution Vulnerability libvpx, elevation of privilege in Conscrypt, Elevation of Privilege Vulnerability in the Qualcomm
Performance Component, Elevation of Privilege Vulnerability in MediaTek Wi-Fi Driver, and Elevation of Privilege Vulnerability in Keyring Component. In addition to the six critical issues there were also high-level severity issues that were fixed with this patch, which include Mitigation Bypass Vulnerability in the Kernel, Elevation of Privilege in MediaTek Connectivity Driver, Information Disclosure Vulnerability in Kernel, Information Disclosure Vulnerability in libstagefright, Information Disclosure Vulnerability in Widevine, Elevation of Privilege Vulnerability in Mediaserver, Information Disclosure Vulnerability in Mediaserver, and Remote Denial of Service Vulnerability in Bluetooth.
The last two issues, both of which were moderate on the severity level are Information Disclosure Vulnerability in Telephony, and Elevation of Privilege Vulnerability in Setup Wizard. Google gives a nice little summary breakdown of each and every issue which has been addressed with the March Security patch, and all of that information can be found inside of the bulletin. As stated above while there’s no telling how many people have already received this month’s security patch over-the-air, Google has released the factory images for the patch though, which you can download and flash manually if you’re comfortable with the process, otherwise simply waiting will get you the update soon enough.