Over 100 Android flaws are patched in a new release from Google. This includes Android’s own components and chipset specific drivers. The media server component on Android that is responsible for handling video and audio streaming has been vulnerable in the recent past.
By sending a specifically crafted audio or video file to the user this flaw can be exploited. Due to this automatic media passing is no longer allowed in apps lie hangouts and g-mail.
The device manufacturers have the option to upgrade to either 2016-07-01 which is device-agnostic and 2016-07-05 which includes the 2016-07-01 and device specific as well. The previous contains 32 vulnerability and the later has 75 vulnerabilities. These contain a total of 20 critical, 54 high severity that includes Qualcomm GPU driver, MediaTek Wi-fi driver, Nvidia video driver etc. and a few moderate issues. The fact that these drivers are built into the most privileged area i.e. the Kernel it can lead to a situation where the device has to be flashed with the firmware.
Google has released the firmware updates for nexus devices and will release the patches for the AOSP (Android Open Source Project) within 48 hours. Partnered manufacturers are also notified about the same. The patch expressed as a date string I displayed in the about Phone tab under the settings.