Researchers Catch Android OEMs Lying About Security Patches

Faybert

Faybert

Level 24
Thread author
Verified
Top Poster
Well-known
Jan 8, 2017
1,318
Content source
https://www.bleepingcomputer.com/news/security/researchers-catch-android-oems-lying-about-security-patches/
A large number of Android manufacturers (OEMs) are skipping security patches but are lying to users about it, according to the team at Security Research Lab (SRL), a Berlin-based cyber-security firm.

Google releases Android security patches each month in the form of the Android Security Bulletin. The OS maker releases the security bulletin to OEMs and chipset providers, and each add their own updates, depending on the Android OS variation that ships with each smartphone.

Every time any of these updated OS versions reaches a user's device, the update also increments the "Android security patch level" in the phone's settings section to the respective month and year of the Google Android security bulletin they have implemented patches for.
Some OEMs are slacking off

But speaking today at the HackInTheBox security conference in Amsterdam, Holland, SRL researchers said that many OEMs are lying about these patches.

For the past two years, SRL researchers Karsten Nohl and Jakob Lell have analyzed the content of the security updates delivered by today's biggest Android OEMs.

The two discovered that some OEM vendors claim to deliver up-to-date security updates, but many skip installing some patches on users' devices, for unknown reasons.
.......
.......
.......
Click to expand...
 
  • Like
Reactions: Mariihh, ZeroDay and harlan4096
Ink

Ink

Administrator
Verified
Staff Member
Well-known
Jan 8, 2011
22,361
Is ZTE an American or Chinese company? I hear mixed answers about them.

At the moment, I have Android Oreo 8.0.0 with 1 February 2018 security patch level. Not too bad considering it's not a Google Pixel/2 device.

Older devices lose support as the chips advance and Android cannot support all features on them (ie. SD 801).
 
  • Like
Reactions: Faybert and harlan4096
You must log in or register to reply here.

Similar threads

Ink
    • Like
Technology CEO: Google financially incentivizes OEMs to update their phones
Replies
0
Views
215
Technology News
Ink
Ink
silversurfer
    • Like
    • Thanks
    • +Reputation
New Update Android Security Update for January 2024 - Fixes 58 Vulnerabilities
Replies
2
Views
447
Android & WearOS
Dave Russo
Dave Russo
silversurfer
    • Like
    • +Reputation
New Update Android Security Update for November 2023 - Fixes 37 Vulnerabilities
Replies
1
Views
508
Android & WearOS
ForgottenSeer 103564
F

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

Quick Navigation

Forum Rules Warning System Welcome Guide Two-factor Authentication

User Menu

Login

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top