The patch addresses a number of BGS and vulnerabilities, one of which has been described as a significant security vulnerability.
Google has begun rolling out security patches for May for its Pixel and Nexus lineup smartphones. The patch fixes a number of bugs and vulnerabilities in the system, and in its May security bulletin, Google describes a “significant security vulnerability” that the patch fixes. This vulnerability can allow remote code to be executed on the affected device through multiple methods, such as email. Web browsing, and MMS when processing media files. However, the company notes that it has no reports of active customer exploitation or abuse of these newly reported issues.
Google notes that partners were informed of the issues and that source code patches have been published in the Android Open Source Project. Updates should be available on Pixel and Nexus devices via an OTA update.
Last week, Google announced that the latest lineup of Nexus devices, the Nexus 6P and Nexus 5X, will receive security updates by September 2018, with software updates only available until September 2017. On the other hand, the company will get new pixel devices. Security update until October 2019, when its last major software update will be available until October next year, which will probably be Android P.