As part of its February bug fixes, Google is patching a critical severity remote code execution vulnerability and an information disclosure bug. The February Android Security Bulletin also warns of a second critical flaw that could allow a remote hacker to gain access to an Android handset and obtain sensitive data. An over-the-air update and firmware images for Google devices are available for its Pixel and Nexus devices, and third-party carriers will also deliver updates to vendor handsets. There are no reports of any of February s vulnerabilities being actively exploited.
Source: https://threatpost.com/critical-android-bugs-patched-in-update/152539/