The search giant has also published changelogs on the Android Open Source Project (AOSP) for its partners and other manufacturers, with source code patches for the February Android security update for devices running Android 6.0.1 Marshmallow and Android 5.1.1 Lollipop set to be released over the next 48 hours. Google has also posted the new factory images with the February Android security update for Nexus devices on the Google Developer site.
In its Nexus Security Bulletin, Google said the February Android security update has fixed one of the most severe security vulnerabilities that could enable remote code execution on an affected device through multiple methods (such as email, Web browsing, and MMS) when processing media files. It added that the remote code execution vulnerability in Broadcom's Wi-Fi driver is also critical severity as it could allow remote code execution on an affected device while connected to the same network as the attacker. The company however said that it received no reports of active customer exploitation of the newly reported issues.
Some of the other critical security vulnerabilities fixed in the update by Google include remote code execution vulnerability in mediaserver, elevation of privilege vulnerability in Qualcomm performance module, elevation of privilege vulnerability in Qualcomm Wi-Fi driver, and elevation of privilege vulnerability in the debugger daemon. Much like the January security update, the February Android security update is purely focused on security fixes and does not upgrade the Android version.
The Nexus 5, Nexus 5X, Nexus 6, and Nexus 6P will get the new Android security OTA update with build MMB29Q. The same build will be available for Nexus 7 2013 Wi-Fi and LTE. The Nexus 9 Wi-Fi only and LTE will receive OTA updates with build MMB29R. Nexus Player will start receiving OTA security updates with build MMB29U while Google has for the first time added Pixel C tablet to the lot and is now receiving the new build MXB48T.
In other news, BlackBerry has started seeding the February Android security update for its Priv smartphone, which still runs Android 5.1.1 Lollipop.