Google has fixed a dozen security vulnerabilities in Android, five of which it rated "critical."
Of the highest-rated vulnerabilities in
its sixth monthly release, Google said one nasty flaw could allow an attacker to remotely execute code -- such as malware -- by exploiting a flaw in how Android processes some media files.
This time around, Android 5.0 and later -- including "Marshmallow" 6.0 -- are affected.
And if you think you've heard this before, it's because you probably have. That's because month after month, the "mediaserver" service remains the most problematic component of Android. So much so that Google has copied and pasted almost word-for-word the same text for the advisory for every month the component is affected.
The critical vulnerability affects a core part of the Android software, which has access to permissions that third-party apps cannot normally access.
