January Android Security Update Released

As expected, Google released the January Android Security Update patches yesterday for the Google Pixel phones and Nexus devices.  The full system images and the OTA images have been released to the Android Developer site already so users who have these devices should start seeing the OTA update come to their phones or tablets over the course of the next few days.  For those who want to manually flash, you can do so with these factory images.

The new build versions are as follows:

  • Google Pixel XL – NMF26U or NMF26V (for Verizon owners)
  • Google Pixel – NMF26U or NMF26V (for Verizon owners)
  • Pixel C – N4F26I
  • Nexus 6P – N4F26I and N4F26J
  • Nexus 5X – N4F26I and N4F26J
  • Nexus Player – NMF26R
  • Nexus 9 (Wi-Fi) – NMF26R

Notably the Nexus 6 is not on this list nor is the Nexus 9 LTE version.  The Nexus 6 should be getting Nougat 7.1.1 next week but it is unclear why the Nexus 9 LTE did not get updates yet.

As for fixes, there are a lot in the January Android Security Update.  As has become the norm, there are two patches that make up the update.  The first patch, 2017-01-01 addressed Android issues

Android N on The Nexus 6
Android Nougat

and fixes one critical issue and 10 high priority ones.  Most of these fixes have to do with elevation of privileges or remote execution vulnerabilities.  The 2017-01-05 patch has fixes for nine critical issues and a whopping 18 high priority fixes.  This patch mostly deals with elevation of privileges or remote execution on specific drivers within the devices.  You can get the complete rundown of everything that has been fixed in the Android Security Bulletin.

For those who are new to Android or, more specifically, a Pixel or Nexus device, there is nothing more you need to do.  Over the course of the next few days (even up to a week) an update to this new security patch will be pushed to your phone or tablet.  You will get a notification to download and install the update and after about 10 minutes, you’ll be good-to-go.