Samsung has begun rolling out a maintenance release for its major flagship Galaxy devices as part of its monthly security maintenance release (SMR) for July.
The SMR package includes security patches from both Samsung and Google. According to Google's Android Security Bulletin for July, Google has patched a bunch of issues. Of these, the most severe is a critical security vulnerability, which has been fixed. It could enable remote code execution on affected devices through multiple methods such as email, web browsing and MMS when processing media files.
So far there is no report about any exploitation or abuse related to this particular vulnerability. Google's security update is already seeding to the Nexus devices through an over-the-air update and the firmware images are also available at the Google developer site.
Along with Google, Samsung has fixed four vulnerabilities and exposure items in its July update. One of these is a high severity vulnerability related to audio service.
Another flaw that Samsung has patched is the null pointer dereference issue with socket, which is of medium severity. The devices that are affected with this bug are the ones running on Android 4.4 KitKat, Marshmallow version 6.0 and use application processors such as Qualcomm MSM8909, MSM8996 and MSM8916. Users are advised to update their Galaxy devices to get the latest security patches.