Remote code execution vulnerabilities dominate this month’s critical Android patches.

Android receives three remote code execution patches for vulnerabilities rated critical as Google launches a new Pixel/Nexus Security Bulletin.

Researchers find six previously unknown memory corruption and unlock-bypass vulnerabilities in major chipset vendors’ firmware code.

Google has re-issued its over-the-air Android security update after Nexus 6 users reported that the patches broke the SafetyNet API and features such as Android Pay no longer worked.

Google patched a critical hole in its problematic Android Mediaserver component that could have allowed an attacker to use email, web browsing, and MMS processing of media files to remotely execute code.