Wednesday , December 19 2018 Ausdroid » News » Google is going to start requiring OEMs to deliver timely security patches


Google I/O was a massive event, with many things announced across the three days. One of the interesting nuggets tucked away in a developer talk was that Google is going to start requiring OEMs to deliver regular security patches.

The announcement was made during the ‘What’s new in Android Security’ and picked up by Mishaal Rahman from XDA-Developers.

We’ve also worked on building security patching into our OEM agreements. Now this will really … lead to a massive increase in the number of devices and users receiving regular security patches.David Kleidermacher, Google’s head of Android platform security

Google hasn’t previously required OEMs to deliver security patches to their devices, even after starting to deliver monthly Android security patches in the wake of the Stagefright vulnerability back in 2015. Stagefright was the first of a number of vulnerabilities which affected Android and made more people aware of the need to run the latest version of Android.

While Google hasn’t announced how often they will need to deliver security patches to devices, it’s at least promising that they’re seeing the need to build the requirement into their OEM agreements.

Source: XDA-Developers.

Daniel Tyson   Ausdroid's Editor in Chief

Dan is a die-hard Android fan. Some might even call him a lunatic. He's been an Android user since Android was a thing, and if there's a phone that's run Android, chances are he owns it (his Nexus collection is second-to-none) or has used it.

Dan's dedication to Ausdroid is without question, and he has represented us at some of the biggest international events in our industry including Google I/O, Mobile World Congress, CES and IFA.

4
Join the Ausdroid Conversation

avatar
4 Comment threads
0 Thread replies
3 Followers
 
Most reacted comment
Hottest comment thread
4 Comment authors
AdamMShawnAllan ThomasOldmike Recent comment authors
  Subscribe  
newest oldest most voted
Notify of
Adam
Ausdroid Reader

I wonder if this is helped by the existence of Project Treble? Surely the same functional separation that makes it easier to upgrade the OS should apply at least equally to security patches? Which would therefore enable Google to be more demanding of OEMs than they have been before when they knew there was (or may be) a lot of work to implement the security patches into the OEM skins.

Shawn
Guest
Shawn

Let’s hope it is at least 4 minimum per year with a maximum of 3 months between a release for the first 2 years after release. This could then be relaxed to 3 / 4 in the 3rd year and 2 for the 4th. I would think in general after that time the device will be out of date so no updates will be required but could still happen. This would be for mid – premium models and could be more relaxed for entry-level devices but still would have to be at least 2 a year especially if another major… Read more »

allanthomas777
Ausdroid Reader

I’ll believe it when I see it!

Oldmike
Guest
Oldmike

Not before time .

Check Also

ASUS restructuring as long term CEO, Jerry Shen, leaves for a new startup

ASUS has advised overnight that its long term CEO – Jerry Shen – will be …