Google released a security update for its Nexus devices via OTA (Over-the-Air) as a part of the Android security bulletin monthly release process. Some firmware images for Nexus devices have also been released to the Google Developer site.
The update is for builds LMY49G or later versions and Android M with security patch level of 1st February 2016 or later addressing the android issues. To check the security patch level refer to the Nexus documentation for instructions.
As reported on the android source, partners were already notified about the issues described on the bulletin released on 4th January this year. They revealed that these issues will receive the source code patches to Android Open Source Project (AOSP) repository in the next 48 hours. However, the bulletin will be revised with the AOSP links when they will become available.
Most severe issue reported is Critical Security Vulnerability which is capable of enabling remote code execution on affected device using multiple methods such as web browsing, email and MMS. The remote code execution vulnerability seen in the Wi-Fi driver from Broadcom is also a critical security. It allows for remote code execution on the affected device when it’s connected to the same network which is also being used by the attacker.
As per reports, the update includes the fixes such as fix for five critical issues, moderate bug and four high priority issues. It is revealed that Nexus 6P, 5X, 6, 5 and 7 (2013) are all receiving Android Marshmallow based MMB29Q build. This security patch for the month of February is also rolling out to the Google Pixel C, Nexus 9 and Nexus Player handsets with build numbers MXB48T, MMB29R and MMB29U respectively. Also, the Nexus 10 update is also rolling with the Android 5.1.1 based LMY49G build.
For those who have not yet received the OTA update notification but are feeling impatient to receive it can get it from here and download the factory images. But before you do so we would like to inform you that installing a factory image will restore your handset to factory settings, which can let you lose your personal data.