The official August 2018 security bulletin for Android is now out and ready to download onto your Pixel or qualifying Nexus device. The Pixel and Pixel 2 smartphone families have a factory image up that ties the bulletin into their Android 9 Pie updates, while the Pixel C tablet gets the bulletin over Android 8.1 Oreo. The Huawei Nexus 6P and LG Nexus 5X also get the bulletin over their current Android versions. With these patches out, manufacturers should be putting out their own patches in the near future; as a rule of thumb, manufacturers are given briefings on security issues in time to give them a full month to develop their own patches before Google releases its official set, which has actually resulted in other OEMs' devices getting them before Google phones do in the past.
This month's bulletin includes a grand total of 44 new fixes, many of which apply exclusively to Qualcomm Snapdragon devices and apply security fixes to their closed-source components. The most critical fix on the list is a universal one that would allow an attacker who's gained privileged access on an Android device to remotely execute any code they like with help from an altered system file. This particular vulnerability is a bit alarming, since it could theoretically affect any user that gives apps from the Play Store or elsewhere privileged access or Device Administrator privileges, as well as anybody who roots their device or otherwise bypasses some or all of Google's built-in device security measures. The patch does not contain any fixes below the High severity level, indicating a patch that's extremely important and will hopefully make its way to non-Pixel devices very soon.
If you have a Pixel or qualifying Nexus device and don't want to wait for the patch to drop over the air, all you have to do is head to Google's Android Source page and download an factory image to sideload. This can be done via ADB and Fastboot fairly easily on any computer running Windows, Linux, Mac or Chrome OS. As a caveat, doing this will erase your device's current user data, so if you don't want to lose anything, either wait for the over-the-air update, or make a backup to an external location before flashing the update.