If you’re on a Nexus or Pixel smartphone, you’ve most likely become accustomed to monthly security patches. Unfortunately, that’s not the case for all Android users as a recent report indicates that 71% of all Android users on the five major US carriers are running security patches that are at least 2 months old.
Skycure’s Mobile Threat Intelligence Report took a look at mobile threat trends for 2016 across three different threat vectors: malware, network, and OS/app vulnerabilities. One iOS versus Android argument that comes up frequently is how much more quickly iOS devices get security updates for the simple reason that there is only one manufacturer of iPhones — Apple. As suspected, Skycure’s report found that this was indeed the case as there are multiple steps that must be undertaken by each OEM and mobile carrier of Android devices.
- Discovery of the vulnerability
- Notification to the developer
- Development of a successful patch
- Availability of each carrier-specific patch
- Distribution of the patch
- Installation of the patch
While roughly 27% of Android devices are running security patches one-month-old or newer, this process has left the vast majority of Android users open to known vulnerabilities. This finding confirms Google’s 2016 Year in Review which stated that roughly half of the Android devices in use at the end of 2106 had not received a security update at all in 2016. Keep in mind that the Google report features global results while Skycure’s is U.S. specific. Either way, there are too many Android devices that are currently un-patched against the latest vulnerabilities.
While OEMs and carriers are getting quicker in some cases, unfortunately, there is still lots of work to do in releasing timely security patches and updates.
What do you think about the findings in Skycure’s latest Mobile Threat Intelligence Report? Are you surprised? How often does your Android device receive security updates? Let us know in the comments below or on Google+, Twitter, or Facebook.Source: Skycure