Google has patched 30 vulnerabilities in Android’s Mediaserver component since it began releasing monthly security updates for the mobile operating system in August. Patches addressing flaws in Mediaserver and the media playback engine will likely be a mainstay of these monthly bulletins for the foreseeable future.
Google patched 12 vulnerabilities in the latest monthly Android Nexus Security Bulletin, of which five were rated as critical severity, two as high, and five as moderate. Google has patched at least one Mediaserver bug as part of these bulletins every month since August, and January continues the trend. January’s Mediaserver flaw (CVE-2015-6636), if successfully exploited, would allow an attacker to use email, Web browsing, and MMS processing of media files to remotely execute code.
To read this article in full or to leave a comment, please click here