Google Begins Rolling Out January Android Security Update for Nexus, Pixel Devices

Google has started rolling out its monthly security update for the month of January for its Nexus and Pixel devices. Alongside, Google has also published factory images and full OTA images for Nexus and Pixel devices.

Google Pixel and Pixel XL users can download the Nougat-based builds NMF26U and NMF26V respectively. Other devices that have received the updated factory images and full OTA images include Nexus 6P with N4F26I and N4F26J builds (based on region), Nexus 5X with N4F26I build, Nexus 9 with N4F26M build, and Nexus Player with NMF26R build. Google has also released new N4F26I build for Pixel C. Unfortunately, Nexus 6 users will have to again wait for the updated factory images and full OTA images.

Google in its latest Android security bulletin has two security patch level strings. The company says that this will provide Android partners with the flexibility to more quickly fix a subset of vulnerabilities that are similar across all Android devices. The partial security patch level string (2017-01-01) indicates that all issues associated with previous security patch level strings are addressed while the complete security patch level string (2017-01-05) indicates that all issues associated with 2017-01-01 and 2017-01-05 (and all previous security patch level strings) are addressed. Google says that all supported devices will receive a single OTA update with the Wednesday security patch level.

In the January security patch, Google fixes total of 95 vulnerabilities in which 23 bugs are fixed with 2017-01-01 patch while 72 are fixed under 2017-01-05 patch.

The security bulletin assures that OEM partners were notified about the issues on December 5, and source code patches for these issues will be released to the Android Open Source Project (AOSP) repository in the next 48 hours. Between the two patches Google has fixed over two-dozen high severity issues and 10 critical problems.

Google adds, “We have had no reports of active customer exploitation or abuse of these newly reported issues.”