Google, as expected in the first week of every month, has released the latest Android monthly security update for its Nexus and Pixel devices. Alongside the new July Android security update, the company has also released system images and OTA files for compatible devices for users to side load. Compatible device owners can either wait for an official rollout via over-the-air (OTA) or can download the July OTA files and system images from the official site.
The compatible devices receiving the latest security update with new builds include Pixel and Pixel XL smartphones with new build NJH47D; Pixel C and Nexus 6P with build N2G48B; Nexus 5X with build N2G47Z; Nexus 6 with build N6F27H; Nexus Player with N2G48B, and Nexus 9 with N4F27I.
Some Google Pixel users, however, are facing issues with the new update, and are unable to install. Multiple Pixel users have reported the issue on Reddit as well as Google's very own Pixel User Community. Fortunately, Google has taken a note and promised it's working on it.
Pixel users on T-Mobile, Project Fi, and Rogers are seemingly the only ones facing an issue in updating their device, as pointed out by Android Police. International and Verizon Pixel users are facing no issue in installing the latest security update.
The latest Android security bulletin containing details of security vulnerabilities affecting Android devices for the month of July is now out and it fixes 11 critical issues. The new bulletin also fixes 32 moderate and 94 high rated issues. It has two security patch level strings: (2017-07-01) partial security patch level string, and (2017-07-05) complete security patch level string.
"The most severe of these issues is a critical security vulnerability in media framework that could enable a remote attacker using a specially crafted file to execute arbitrary code within the context of a privileged process. The severity assessment is based on the effect that exploiting the vulnerability would possibly have on an affected device, assuming the platform and service mitigations are turned off for development purposes or if successfully bypassed," notes Google in the security bulletin for the month of July.