Google is in the midst of pushing mass updates over the air (OTA) to its Nexus Android devices, to address the recently uncovered Stagefright vulnerability. In a talk at the Black Hat conference here Wednesday, Adrian Ludwig, lead engineer for Android security at Google, said the company plans more frequent updates for Nexus users and for other handset makers.
Advertisement
Since the story first broke that Android had a decent vulnerability that takes advantage of an Android framework known as Stagefright to allow for remote code execution, there has been quite a stir on the world-wide web and a push for more security updates.
Google says it will offer major updates to its Nexus devices for two years and security patches will be available for three years from initial availability “or 18 months from last sale of the device via the Google Store”. How many of those new iPhone owners will be defectors from Google Inc.’s Android operating system? Otherwise, what’s the point of being an Android user if your phone is constantly under attack? Not only will the patch plug up the Stagefright hole we’ve heard so much about, but it also contains fixes for a number if issues Google highlights in their periodic security bulletins that are sent to OEMs and carriers. It’s August and assuming that Google intends to release the new smartphone line-up in a similar timeframe as the previous models, then Huawei should probably start manufacturing its first Nexus device right about now, if it hasn’t already. OpenSignal found that 95% of devices are running Android 4.0 or above, but still below iOS who have 85% of their devices on the current API level – even if being on that current version doesn’t give feature parity to all devices. And with today’s announcement, it looks like the list of reasons in favor of getting a Nexus device as your next phone or tablet just got a bit longer.
This is great news for Android users. Yet this data goes a long way toward explaining why Android has had trouble making better inroads in the enterprise.
Samsung has also fast-tracked updates for its Galaxy device line to fix Stagefright.
Advertisement
As for the other Android bug from last week – Trend Micro’s discovery of an integer overflow bug in Android’s media server service – that too will be fixed by the end of the week.
