How many security updates do Win10 phones get?


 Share

Recommended Posts

Hi all,

 

I'm considering a switch to Windows Phone 10. The Lumia 950XL is cheap now, and security on Android is woeful - even for Google Nexus phones, once they're not current model anymore.

 

However since patching of security fixes is quite an issue, in my opinion, and Google is lacking on that, I do wonder how often MS phones currently get security updates, and how often security updates for apps are published.

 

If I look at the list of published updates from the MS website (I looked at it today but unfortunately I cannot find the link anymore!) I see the latest updates are from July / August (depending on model: 950 or 650). But those are only the major releases, and that doesn't say much about intermediate security fixes, like they are published monthly for Windows on PC.

 

Anyone who can provide me some insights in that?

 

Thanks in advance,

 

--Tim :-)

 

Link to comment
Share on other sites

  • 4 weeks later...

I own a 950XL (a very nice beast) and I get security updates once a month like a PC running Windows 10.

Link to comment
Share on other sites

This topic is now closed to further replies.
 Share

  • Recently Browsing   0 members

    No registered users viewing this page.

  • Similar Content

    • By zikalify
      Devices running Android 6.0 or higher will get permission auto-reset feature
      by Paul Hill



      Google is planning to bring Android 11’s permission auto-reset feature to devices running Android 6.0 or higher. This will give users more control over the data that apps can request. The feature will be delivered via an update to the Google Play services and should become available from December 2021.

      The permission auto-reset feature works by resetting sensitive runtime permissions that a user has previously granted if the app hasn’t been used for a few months. In this way, users can be sure about what data the app has access to if they don’t use it regularly; with regards to the permissions, it’ll be as though they just installed the app.

      In some cases, it would not be ideal to revoke permissions access so there are some exceptions to the changes. Google says Device Administrator apps used by enterprises will not have their permissions reset nor will those permissions reset that are enacted by enterprise policy. Additionally, developers will be able to ask users to switch off auto-reset for their app but users should be wary of the potential impact of doing this.

      While users can expect to see this feature begin rolling out in December 2021, it could take until the end of March 2022 until all supported devices get the update. Despite the wait, it’s a nice privacy and security update and it’s good that Google could bring it to devices running Android 6.0, which was released in 2015.

    • By Usama Jawad96
      Microsoft's PrintNightmare patch breaks printing for some... again
      by Usama Jawad

      PrintNightmare is turning into an actual nightmare not only for Microsoft, but for IT admins as well. Although the Redmond tech giant keeps pushing out patches and claims that all PrintNightmare security holes are now plugged, after every few weeks or so, we learn that this is not really the case. What's worse is that these updates sometimes also break printing for organizations with certain configurations. It appears that this has happened once again, as confirmed by Microsoft in a new advisory.



      A recent Microsoft advisory spotted by WinFuture (via MSPoweruser) notes that August's Patch Tuesday update containing KB5005033 is where the issue originates from. Systems with this update or later installed may have issues with printing, which include:

      Given that administrative credentials are required each time during printing, this effectively breaks the corporate printing process as you can't expect an employee to get direct access to these credentials. The problem affects the following environments:

      The resolution suggested by Microsoft is to ensure that the latest drivers are installed and that this version is the same both on client- and server-side. That said, the company has stated that if this workaround still does not patch the problem, an organization has no option but to contact the OEM of the printer. You can view more details about the issue in the FAQs here, but one thing is certain: The (Print)nightmare continues.

    • By Usama Jawad96
      Teams is getting Customer Lockbox so Microsoft cannot access your data without your approval
      by Usama Jawad

      Microsoft Teams is the online communication and collaboration tool of choice for millions of entities around the globe, including organizations and consumers. In fact, its popularity has soared so much during the pandemic that Microsoft is also integrating it at an OS-level with Windows 11. The company keeps updating Teams with a steady stream of features each month, and now, it has revealed that it is working on Customer Lockbox for the software.

      For those unaware, Customer Lockbox is a capability that Microsoft offers across various services in Exchange Online, SharePoint Online, OneDrive for Business, and Azure. It ensures that while performing service operations and troubleshooting, Microsoft cannot get access to your information without your explicit approval.

      While Microsoft engineers generally leverage from telemetry and debugging techniques to troubleshoot problems, in some edge-cases, they do require direct access to customer data. Customer Lockbox essentially adds the customer into the approval workflow at the final step so that they can decide whether they want to give Microsoft access to their information to do root cause analysis (RCA). Customer Lockbox can be toggled and all requests and outcomes are audited. Typically, when engineers request access to data via Customer Lockbox, they also give a timeboxed window under which they will perform their RCA and troubleshooting activities.

      Microsoft has recently started tracking Feature ID 86190 on its Microsoft 365 Roadmap, which states that the company is bringing Customer Lockbox capabilities to Teams as well. The feature is currently in development with an expected release date of March 2022. The capability will roll out to Teams GCC, Worldwide (Standard Multi-Tenant), General Availability, and Web. Microsoft has not yet clarified what data on Teams will be protected by Customer Lockbox.

    • By Usama Jawad96
      Google commits to solving security problems in open-source projects like Git and Laravel
      by Usama Jawad

      After a meeting with U.S. President Joe Biden a few weeks ago, Google announced that it is pledging $100 million towards improving security in open-source projects. Today, it has revealed that it is partnering with the Open Source Technology Improvement Fund (OSTIF) to do just that. Together, the two entities will launch the Managed Audit Program (MAP). Through this initiative, they will increase the depth of security reviews and audits of open-source projects that are widely used by people all over the world.

      For now, Google has committed to manage security priorities and help fix flaws in eight open-source projects. These are:

      Git Lodash Laravel Slf4j Jackson-core Jackson-databind Httpcomponents-core Httpcomponents-client Commenting on the partnership, OSTIF had the following to say:

      It is important to note that the initial list of MAP projects has 24 items, and they contain notable entries like Electron, React Native, Rails, Joomla, and Angular too. However, they will likely be included in subsequent rounds of MAP as funding for them has not been secured yet.

    • By Usama Jawad96
      Google announces Private Compute Core Services for deeper network and ML model isolation
      by Usama Jawad

      Back when it announced Android 12 in May, Google also announced Private Compute Core. This is an open-source initiative that offers a sandboxed and secure environment that isolates services like Smart Reply, Now Playing, and Live Caption from the rest of the OS and apps. The idea is to keep your data private to your device and utilize the cloud in a privacy-preserving manner. Now, Google has further enhanced this initiative with Private Compute Core Services.



      Google explains that a lot of Android features utilize machine learning to update models to offer you an experience tailored to you. With Private Compute Core Services, the company will ensure that these updates happen over a private path, such that Private Compute Core features like Smart Reply and Live Caption don't have direct access to the network. This will be done by leveraging from specialized open-source APIs which preserve privacy by removing personally identifiable information (PII) and use techniques like Federated Learning, Federated Analytics, and Private information retrieval, some of which it detailed in May too.

      Google boasted that:

      The tech giant has stated that it will publish the source code for Private Compute Core Services publicly so it can be audited by any security researcher.