Google Publishes October Android Security Bulletin

Google has published the October Android Security Bulletin following its earlier launch of the Factory and OTA images for the October Android Security Patch for its Nexus and Pixel devices, shedding some light on a little more of the detail about what this month's patch attempts to fix in terms of vulnerabilities and other security issues and risks. As is always the case, partners of Google's Android program are notified about a month ahead of when Google publishes these bulletins, so any non-Pixel or non-Nexus devices shouldn't have to wait too long for their patches to be pushed out, though that will ultimately depend on how good those OEMs are at sending out these patches, as some are much quicker at it than others.

Another good thing to take note of is that while the Factory Images and OTA images are now live, AOSP links are not. Google does however mention that it will post the AOSP links to the bulletin as soon as the links are available, so anyone interested in getting their hands on them will want to keep an eye on the security bulletin as they could show up later today or sometime between now and the next week.

In regards to the security issues that have been fixed, the bulletin showcases that there are a handful of critical issues that needed to be resolved in the media framework category, along with a couple of critical issues in the Qualcomm Components category. Also worth mentioning is that not all of these issues are part of the same patch framework. The critical vulnerabilities in the Media Framework category for example, are part of the October 1st security patch framework, while the Qualcomm Components vulnerabilities are part of the October 5th security patch framework. If you've never gone over a security bulletin before but were curious to start checking them out, Google has each vulnerability associated with a type code to denote what type of risk or issue it is. These can be a bit confusing, so Google has also included a handy guide that helps to label and highlight what each type code means. RCE, for example, is Google's abbreviation for Remote Code Execution, while DoS stands for Denial of Service, and so on. You can find this table of references towards the bottom of the security bulletin if you're interested.

Copyright ©2019 Android Headlines. All Rights Reserved
This post may contain affiliate links. See our privacy policy for more information.
You May Like These
More Like This:
About the Author

Justin Diaz

Head Editor
Lover of food, craft beer, movies, travel, and all things tech. Video games have always been a passion of his due to their ability to tell incredible stories, and home automation tech is the next big interest, in large part because of the Philips Hue integration with Razer Chroma. Current Device: Google Pixel.
Android Headlines We Are Hiring Apply Now