When you purchase through links on our site, we may earn an affiliate commission. Here’s how it works.

Revised Android partner agreements may improve regularity of security patching by OEMs

Neowin · · Hot! with 13 comments

The Android ecosystem has faced somewhat of a challenge as far as keeping devices up to date as far as the operating system and security updates are concerned. Particularly with respect to the former, Oreo in both its variants is still only found on 5.7% of all Google Play Android devices, a 1.1% increase compared to April. Meanwhile, Nougat and Marshmallow still hang on to more than half of the counted install base, with a total of 56.6%.

Putting aside major OS updates, security updates for Android-powered units continues to be an issue outside of Pixel-branded devices. Although Android security patches are released on a monthly basis, manufacturers tend to roll them out later compared to Google's own hardware or, as was discovered last month, lie about having deployed those updates in the first instance. Now, it appears that Google is cracking down on OEMs to do a better job in this area.

Speaking at Google I/O, David Kleidermacher, head of Android platform security, discussed how the Mountain View company was streamlining the process of pushing out security updates, citing Project Treble as an example. Despite the implementation of Project Treble being optional for units upgrading to Oreo, it does make the patching pipeline easier to execute for hardware that ships with Oreo already installed. However, the company is following this up with more stringent agreements with OEMs, with Kleidermacher making the following comment:

“We’ve also worked on building security patching into our OEM agreements. Now this will really … lead to a massive increase in the number of devices and users receiving regular security patches.”

Of course, the devil is in the detail with respect to any agreement. While patches are released monthly by Google, the cadence at which OEMs implement them may possibly differ from that schedule, depending upon how the term "regular" is defined. Furthermore, in light of the misrepresentation of installed patches by manufacturers, Google will need to examine how it quantifies compliance with the revised Android partner agreement in order to hold OEMs to the mark. Time will tell exactly how effective this latest strategy ends up being.

Source: XDA Developers

Report a problem with article
Next Article

Weekend PC Game Deals: Even more spring sales pop up alongside a war bundle

Previous Article

Systems with some Intel SSDs crashing when installing Windows 10 April 2018 Update

Join the conversation!

Login or Sign Up to read and post a comment.

13 Comments - Add comment