Google will force Android OEMs to push out security patches regularly

Cyber Chief Magazine brings you the tactics to uncover and neutralize the insider threat

Android P, the ninth major version of the widely-used mobile OS, is expected to be released later this year.

Android OEMs security patches

Google has already announced a slew of security and privacy improvements that will be shipped with it, but David Kleidermacher, head of Android security at the company, has recently shared more welcome news: the company is working to make sure that all Android OEMs are delivering patches regularly to their devices.

Android’s update problem

Google has been trying to push OEMs towards a quicker release of software updates and security patches for a while now.

The problem with Android is that it is run on a wide variety of mobile devices, meaning that each upgrade/update must be first tailored to the hardware and then modified by device makers and carriers to fit their requirements.

Android OEMs security patches

This results in new OS versions and security patches getting to end users months after Google releases them.

The latest news

A year ago Google has started Project Treble, which is aimed at making the whole Android patching process easier and faster.

Kleidermacher has now announced at the recently held Google I/O Developer Conference that they’ve also been working on building security patching into their OEM agreements, to make sure that all OEMs deliver patches regularly to their devices.

“Now this will really lead to a massive increase in the number of devices and users receiving regular security patches,” he noted.

Unfortunately, he did not offer more details about that particular push, so we don’t known which devices will benefit from it, or what “regular security patches” means. We can only hope that it’s a monthly release, like Google’s.

Also, Kleidermacher did not mention whether they are doing something about the recently released problem: most Android vendors regularly forget to include some patches in the security updates provided to users, but the phones say that they’re fully patched.