Google's Android Security Bulletin for August 2016 is now live!

Android (Image credit: Android Central)

The August Security Update has been released, complete with a detailed post from Google detailing all of the issues that have been discovered and fixed. This update marks the first whole year of Google's promise to release monthly security-related updates to Android, and it's important to take a look at how few manufacturers have followed the Nexus line into releasing monthly updates to keep your phone secure.

While security may not be the most important smartphone feature for many users, it's usually pretty high on the list when something goes wrong — which is why these updates started in the first place! Here's a look at what you can expect from the August patch.

Google Security

Google is continuing the split patch format for August, which means there are two patch dates that could arrive on your phone this month. The August 1, 2016 patch contains major fixes for the Android OS that can be applied to every Android phone, and is the minimum security patch in order to be considered "current" with your security level. The August 5, 2016 patch contains everything from the minimum patch as well as an extensive list of driver, component, and kernel-related patches aimed mainly at Nexus hardware. Google's distinction between August 1 and August 5 allows manufacturers to more quickly release patches for OS-specific software concerns, which leads to more overall devices being secure.

  • The bulk of the August 1 patch focuses on vulnerabilities in Mediaserver, which includes remote code execution, elevation of privilege, information disclosure, and denial of service vulnerabilities. Information disclosure vulnerabilities were also resolved in OpenSSL, camera APIs, SurfaceFlinger, and Wifi.
  • If you have the August 5 patch, a significant portion of the update is aimed at fixing vulnerabilities in Qualcomm components. This includes a massive list of privilege elevation vulnerabilities, information disclosure vulnerabilities, and denial of service vulnerabilities. Most of these vulnerabilities have been found on older Nexus hardware, specifically the Nexus 5 and second generation Nexus 7.

For a complete list of the fixes released in this update, check out the Android Security Bulletin page. Google claims there have been no reports of active exploits using the vulnerabilities that have been fixed in this month's update, and as always Google's partners have had access to these updates since early last month. There is no word on when to expect the patch for any other Android-powered device, but current Nexus devices, Android One phones and the Pixel C will be receiving an OTA update within the next week. If you're the impatient type, you can flash the factory images posted at Google's Developer site.

Russell Holly

Russell is a Contributing Editor at Android Central. He's a former server admin who has been using Android since the HTC G1, and quite literally wrote the book on Android tablets. You can usually find him chasing the next tech trend, much to the pain of his wallet. Find him on Facebook and Twitter

  • The OTA's are up too:, for those that don't want to data reset.
  • Just flashed the OTA on a 6P. Easy! The Note 7 better be something special. I don't know if I can bail on a Nexus (yes, I know security patches are better with Samsung in general as of late).
  • Is it awesome? How's battery life? ;p
  • Seems snappier and longerer! :)
  • Before Google offered the OTA downloads, I just removed -w (wipe) from the update script. ¯\_(ツ)_/¯ Sent from my Nexus 5X via the Android Central App
  • Just received the OTA on my Blackberry Priv :)
  • Go go gadget blackberry!
  • Was it the 8/1 or 8/5?
  • It is 8/5, per the article on BB website:
    My phone shows the same date as well.
  • Let's see moto get the G⁴ and Z their updates for august next February! Punctuality is their thing isn't it! Posted with a Moto G⁴ Plus
  • I did not mean to comment this as a reply. Strange, isn't it. Posted with a Moto G⁴ Plus
  • Google are pushing them put, and so is blackberry. My priv has the latest update, as usual.
  • Love what BB is doing on these. Nexus is a given, but BB doesn't have to do it and I love that they are.
  • Exactly. I may not like the BB method of not letting us see how they add their own security (wish the code was available for peer review) but they are on the ball when it comes to keeping their version of Android patched.
  • Oh, I think I figured it out yesterday. I don't think they're doing anything different at all. I think it's all marketspeak for "we have Android Marshmallow features and stuff built into the Snapdragon SoC's that we buy". There's GOT to be more to it, but I can't find any evidence that there is.
  • They merge patches from grsecurity as well as use closed source LKMs to harden the kernel. Nothing wrong with it, I just would prefer it all be open sourced.
  • And I _still_ don't have the May update on my MXPE. Looking more like Goodbye, Moto for me this fall. Posted from my XT1575
  • My Xiaomi phone got 8/1 patch with their new beta update, which was released on 30th july. Is it normal ?.. Posted via the Android Central App
  • Does this fix the volume issue in Nexus 5 which was caused by the previous security patch Why do i even comment!
  • Other than Nexus and BlackBerry, are any other OEMs updating monthly? Samsung? Posted via the Android Central App on my BlackBerry Passport
  • Just got the Aug 5 patch on the 6p
  • Not sure what specifically was fixed in the Nexus 5 Bluetooth software but the August 5 patch made bluetooth usable in my car again. The volume was super low and now it is back to normal.
  • Anyone have it on the 5x? Can anyone give a quick explanation for side loading? I think I have it, but I want to be sure Posted via the Android Central App
  • A bit late, but I'm running August 1st on the Galaxy Note7
  • So you bought it, huh? Congrats!