Google patched a critical hole in its problematic Android Mediaserver component that could have allowed an attacker to use email, web browsing, and MMS processing of media files to remotely execute code.