Google has re-branded its monthly patch release, bringing a new name and new scope to the newly renamed Android Security Bulletin. While that may be new, the content is definitely familiar.
Once again, critical remote code execution Mediaserver vulnerabilities dominate this month’s patches. Mediaserver has been a front and center security issue since last summer’s Stagefright disclosures. The software serves up media content and interacts with the kernel, making it a tasty target for attacks. Researchers, meanwhile, have called it an “over-privileged” application since it’s granted system access on some devices.