Google has patched a vulnerability being exploited in the wild to root Nexus 5 Android devices. The public exploit—a rooting application—was privately disclosed to Google on March 15 by Zimperium researchers, and a less than a month after CORE Team researchers reported that CVE-2015-1805, which was patched in 2014 in the Linux kernel, also affects...

Since last summer’s Stagefright vulnerabilities toppled the Android world for a few weeks, researchers inside and out of Google have been taking a close look at not only the maligned media playback engine, but also at Mediaserver where it lives. Today’s release of the monthly Android Nexus Security Bulletin includes patches for another critical vulnerability...