Android vendorst fail to install security patches

Terry Joseph
April 15, 2018

The companies like Google, Samsung, and Sony got a very good record of installing the patches but the companies like Lenovo's Motorola, TCL and ZTE have got the problem to roll out the updates.

Security researchers have accused some Android device makers of misleading users about whether or not devices are being patched.

According to Nohl and Lell, one reason for the tardiness or gap in patch delivery may be the chipset (CPU) providers, where researchers noticed that one specific company -Mediatek- was often lagging 9-10 patches behind.

Google releases Android security patches each month in the form of the Android Security Bulletin. Both Samsung and Sony had missed some patches, despite reporting they were up to date. It is known that mid-level manufacturers already lag behind in the race to provide swifter updates and during the research, it was discovered that they missed out on more patches than the flagship brands.

Russian Federation 'trained spy units to use CHEMICAL weapons on United Kingdom streets'
Upon her discharge from hospital Tuesday, the Russian Embassy tweeted: "We congratulate Yulia Skripal on her recovery". Sir Mark also revealed the Skripals have been being spied on by Russian Federation for at least five years.

CSK's home matches moved out of Chennai
The match to be held on 20th between CSK and Rajasthan Royals would now be held in Pune, it has been officially announced. Tensions reached a high-point when shoes were flung at CSK players inside the MA Chidambaram Stadium.

Trump orders a review of TPP trade pact stance
On Thursday, Trump provided no clues of how the United States would proceed on CPTPP-or on NAFTA. "The deal was awful ". Farm state lawmakers have pushed for greater sales of the higher ethanol blend to boost demand for the corn-based fuel.

Some device vendors are worse than others, skipping four or more patches, but claiming to have up-to-date devices.

Back in 2014 Apple's Tim Cook used a chart in his keynote to mock Android security and quoted ZDNet's Adrian Kingsley-Hughes who wrote: "Android fragmentation is turning devices into a toxic hellstew of vulnerabilities". "It's small for some devices and pretty significant for others", SRL founder Karsten Nohl said.

Taking up less than 5 MB, the app is quick to download without using much data, and takes up minimal space on users' phones.

Nohl said that this "deliberate deception" wasn't as common as vendors simply forgetting to update their devices. "Unfortunately they can not always decide on the type of device they have, or the kind of connection they are on", said Charles Murito, Google country manager, Kenya. A user can follow the steps given below to check if their device is running on the latest Android security patch or not. Built-in platform protections, such as application sandboxing, and security services, such as Google Play Protect, are just as important. "We're working with them to improve their detection mechanisms to account for situations where a device uses an alternate security update instead of the Google suggested security update. These layers of security-combined with the tremendous diversity of the Android ecosystem-contribute to the researchers' conclusions that remote exploitation of Android devices remains challenging".

Other reports by Free-Prsite

Discuss This Article