Google Making it Necessary for OEMs to Roll Out Regular Security Updates

BY

Published 11 May 2018

NSFW AI Why trust Greenbot

We maintain a strict editorial policy dedicated to factual accuracy, relevance, and impartiality. Our content is written and edited by top industry professionals with first-hand experience. The content undergoes thorough review by experienced editors to guarantee and adherence to the highest standards of reporting and publishing.

Disclosure

Android P header

Android’s security platform head David Kleidermacher has revealed that Google has made it easier for Android OEMs to make it easier to roll out monthly security updates. This is thanks to Project Treble which will also help OEMs roll out major OS updates to their devices quickly.

But then despite previous efforts from Google, Android OEMs have taken their own sweet time in rolling out OS updates to their devices. As for monthly security updates, apart from a few OEMs, no one rolls them out regularly and on a timely basis to their devices.

    Google is fixing this issue by making it mandatory for Android OEMs to roll regular security patches for their devices. It is made this a part of its agreement with OEMs which should have a massive impact on the overall state of Android security as most OEMs would be forced to roll out security patches for their devices now.

    “We’ve also worked on building security patching into our OEM agreements. Now this will really … lead to a massive increase in the number of devices and users receiving regular security patches.” – David Kleidermacher, Google’s head of Android platform security

    Since the term of the agreements have not been revealed, it’s unclear if all OEMs will now roll out monthly security patches in time for all their devices or every once in a while. It’s also unclear if Android OEMs would be rolling out security patches for all their devices or only for their flagship devices or it is limited to only those devices that they launch with Android P onboard.

    At the moment, it is also unclear if the terms of the agreement are valid only for devices launched with Android P or older and existing devices already on the market.

    Our Take

    Despite limited information on the agreement that Google has signed with OEMs, its great to see the company taking a major step to improve the overall security of the Android ecosystem. Android OEMs have a habit of skipping monthly updates but due to this agreement, they will be compelled to roll them out on a regular basis.

    [Via XDA]