The Android Security Bulletin – also known as your monthly android security patch – arrives as regular as clockwork. This is because as flexible and adaptable as Android is as a mobile operating system, security from malware and hackers is still a very real issue for Android users. For the month of July, the security patch arrives in two levels, and it fixes a lot of vulnerabilities.
The patches are divided into the July 1 partial patch and the July 5 full patch. To communicate the idea in a very simple way, the July 1 patch level is the regular monthly update with fixes for vulnerabilities that apply to all of Android. The July 5 patch level is the July 1 patch PLUS driver fixes for specific devices that use them. If you get the July 1 patch, then you’re basically covered. Then again, there will be specific devices that will require the July 5 patch level because they use the affected drivers.
The July 1 update for Android in general includes a patch for an OpenSSL and BoringSSL vulnerability (CVE-2016-2108) that allows remote attackers to use a specially crafted file to execute malicious code, and patches for 15 other high severity flaws. The July 5 update adds fixes for 12 critical severity vulnerabilities related to the Qualcomm GPU driver, MediaTek Wi-Fi driver, Qualcomm’s performance component, NVIDIA video driver, and MediaTek drivers, kernel file system, USB driver, PLUS fixes to 54 other high severity flaws.
If your device has one of these drivers, it will automatically flag for the July 5 patch level. If you have an older device that doesn’t need the driver patches, your device might just go for the July 1 patch.