July security patch for Nexus devices rolling out, factory images and OTAs now available

Update 7/11: July’s security patch for the Pixel C is now available. Download the factory image and OTA now.

The Android Security Bulletin is usually released the first Monday of every month. With July 4th being a holiday, it was assumed that the patches would be available next week. However, Nexus factory images and OTAs with patches for a large number of vulnerabilities are actually available today.

The July security bulletin contains two sets of security bugs. There are 22 bugs in the security patch level dated 2016-07-01, while there are 32 device specific bugs on the second one dated 2016-07-05. According to Google, the two security patch level strings provide “Android partners with the flexibility to move more quickly to fix a subset of vulnerabilities that are similar across all Android devices.”

Both pairs of vulnerability listings rank in severity from critical to moderate and all the device specific bugs affect Nexus phones and tablets. The most severe vulnerability could enable remote code execution when browsing or using email and MMS. However, Google notes that there are no reports of customers affected by these issues.

It usually takes about a week for the update to start rolling out. Those who don’t want to wait can download the factory images below or sideload the OTA:

• Pixel C Factory Image | Pixel C OTA
• Nexus 6P Factory Image | Nexus 6P OTA
• Nexus 5X Factory Image | Nexus 5X OTA
• Nexus 6 Factory Image (2) | Nexus 6 OTA (2)
• Nexus Player Factory Image | Nexus Player OTA
• Nexus 9 (LTE) Factory Image | Nexus 9 (LTE) OTA
• Nexus 9 (Wi-Fi) Factory Image | Nexus 9 OTA
• Nexus 5 Factory Image | Nexus 5 OTA
• Nexus 7 2013 (Wi-Fi) Factory Image (2) | Nexus 7 2013 OTA (2)
• Nexus 7 2013 (Mobile) Factory Image | Nexus 7 2013 (Mobile) OTA

If you need help flashing factory images, check out our guide here. Keep in mind that flashing your device will wipe any data on it. This is not worth the hassle for most users, so waiting or sideloading the OTA is usually the wiser option.