Nexus models to get a mid-month security update from Google

A special mid-month security update is being pushed out by Google to protect Nexus handsets after it was discovered that a flaw in the Linux kernel could be exploited by an app used to root the Nexus 5 and Nexus 6. This raised alarms at Google as the flaw and the exploit were tagged as a Critical severity issue, and the security update was sent to Google's Android partners and AOSP.

Google's Verify apps have been able to block the rooting apps that exploit the flaw from being installed inside or outside the Google Play Store. Any Android device using Linux kernel version 3.18 or higher is not affected, such as the Samsung Galaxy S7 which employs Linux kernel 3.18.20. Quoting from the Android Security Advisory, vulnerable are "all unpatched Android devices on kernel versions 3.4, 3.10 and 3.14, including all Nexus devices."

As we said, an unnamed rooting app is required to exploit the flaw, and Google Play doesn't offer such apps. That fact, combined with the protection from the Verify apps, means that the odds of this exploit affecting your Android phone is low. Still, Nexus updates will soon be issued and patches for other devices could be released by Google's Android partners.

When this mid-month security update arrives, it would be a good idea to install it for further protection.

source: Android via AndroidCentral