Google patched 10 critical code execution bugs which could enable an attacker to carry out remote attacks.
The August 7 Security Bulletin also described patches for several High and Moderate level vulnerabilities which could allow similar attacks, all of which were contained in the devices' Media Framework, Broadcom, Kernal. MediaTek, and Qualcomm components.
“The most severe of these issues is a critical security vulnerability in media framework that could enable a remote attacker using a specially crafted file to execute arbitrary code within the context of a privileged process,” the bulletin said.
In total, Google patched 49 flaws and includes the new Android 7.1.2 update for Google Pixel, Pixel XL, Pixel C, Nexus 6P, and Nexus 5X. None of the vulnerabilities have been exploited in the wild and users are encouraged to update their devices as soon as possible.