How do monthly security updates work?
To make Android a secure system, Google has put a monthly security update program in place for all devices running on Android. This program is rolled out in three stages:
- The first stage is development. Having identified the flaw, Google’s engineers develop the update and prepare it for testing.
- The second stage is testing. Google sends the update to its collaborators, who are the smartphone manufacturers, so that they can test it on their products.
- Once testing has finished, the update is distributed to users by the manufacturers through an OTA (Over-The-Air) update. Finally, a public notice stating the corrected patches is distributed on the website to inform users that the update is available.
Who implements the monthly security updates?
Of course, as you’ve already seen, this monthly security update program relies on manufacturers’ good will. If they don’t make the effort to offer the updates to users, their smartphones will remain vulnerable. Few manufacturers distribute the updates to their devices every month. Some wait several months to do it.
To be sure you’ll get monthly security updates, you should opt for a smartphone from the Nexus or Pixel ranges as Google distributes the update directly to these users. Google has also published a list of 42 devices that it deems as star pupils in terms of security updates.
Here they are:
- Google Pixel XL, Pixel, 6P, 5X and 9
- BlackBerry Priv
- Fujitsu F-01J
- General Mobile Plus d, Plus, 4G Dual and 4G
- Gionee A1
- LG G6, V20, Stylo 2 V, GPAD 7.0 LTE
- Moto Z, Moto Z Droid
- Oppo CPH1613, CPH1605
- Samsung Galaxy S8+, S8, S7, S7 Edge, S7 Active, S6 Active, S5 Dual SIM, C9 Pro, C7, J7, On7 Pro, J2, A8, Tab S2 9.7
- Sharp Android One S1, 507SH
- Sony Xperia XA1, Xperia X
- Vivo 1609, 1601, Y55
What new features come with monthly security updates?
Monthly security updates don’t offer any new features, they simply correct flaws in the system.
Flaws corrected by June’s security patch
After the last update in April, which saw the correction of 60 issues, June’s update was even more comprehensive with 101 Android flaws, 27 of which were critical. These flaws were with Android versions 4, 5.0, 6.0, 7.0 and 7.1.
Some critical flaws could potentially allow a harmful application to take control of your smartphone. Fortunately, Google explained that there had never been “any reports on an active exploitation or abuse of these newly reported problems”. Most of the flaws concerned the code supplied by Qualcomm for its components (processor or modem) but Google has proved its willingness to correct its errors and provide users with continued security.
Among other issues corrected in June, there were problems with Bluetooth, in the Media framework, in the libraries and with the user interface system.
Do you think that manufacturers could make more of an effort to distribute the monthly security updates? Let us know your thoughts in the comments below.