Google Releases Fixes for New Android Flaws

To kick off CES week, though this isn’t related to CES at all, Google has posted the January security update for its Nexus line-up as factory images of Android 6.0.1. The most pressing critical security flaw in this latest round of patches is related to the mobile operating system’s Mediaserver program, which is where the now infamous “Stagefright” bug spawned from.

The slow adoption rate for a new version of Android is a symptom of the upgrade process in which both smartphone makers and wireless carriers must test each new version from Google for each device before planning and implementing a rollout. This can be exploited through any number of ways, including email, the browser and MMS when processing such files.

The new platform update holds a measly 0.7-percent share, meaning Gingerbread 2.3 and Ice Cream Sandwich 4.0 each have four times as many users as Marshmallow.

Twelve vulnerabilities in all were addressed in this latest security update. In this month’s update, Google said it has modified the default behavior on Hangouts and Messenger so that the apps would not automatically parse multimedia messages. This is still 6.0.1, but there are a variety of build numbers out there depending on the device. Nexus users who have Android 6.0 or above running on their phones are facing synchronization problems with Gmail, Inbox, etc. It might probably be a nasty bug that is causing delays syncing with these apps. And when Marshmallow begins rolling out to users in the US, you can expect some features of the user interface to be eye-catchingly updated.

The company released over-the-air firmware updates for its Nexus devices Monday and will publish the patches to the Android Open Source Project (AOSP) repository by Wednesday. If the security panel lists Security Patch Level of January 1, 2016 or later, then these issues have been addressed.