Delivery of Android Security Patches Improved in 2019

Google started releasing monthly security patches from 2015. Since then, OEMs have been incorporating the patches to their device’s firmware and have been providing it to their users via OTA. However, a report by SRLabs (Security Research Labs) in 2018 revealed the companies to not merge all the changes, which led the search giant to investigate the so-called ‘patch gap’. Now, after two years, the firm has released a new report with compelling positive changes.

SRLabs has been monitoring security patches delivered by OEMs to their devices for the last two years. They made a report with the help of crowdsourced data from its SnoopSnitch application as well as its own collection of firmware builds. The firm identified a total of 10,000 and 7,000 unique firmware builds with different security levels in 2018 and 2019 respectively.

As per their analysis, in 2019, OEMs missed only about half of the patches compared to 2018. Also, the delivery speed was faster by 15%, decreasing the average number of days taken to incorporate a patch from 44 days to 38 days. That means the rate of missed patches fell to 0.3 from 0.7 in the previous year.

Another interesting find was companies tend to patch devices with the most widely deployed Android version. For instance, Samsung and Xiaomi patched their devices with Android 7.1.1 first in most cases. This led to the delaying of updates for the handset running the recent versions of Android.

As far as overall performance is concerned, Google, Sony, and Nokia topped the chart as their devices run near-stock Android and hence it is easy to implement patches. Whereas, Huawei, LG, and Samsung took an average of 2 weeks.  Lastly, all other major OEMs including Oppo, Xiaomi, Vivo, OnePlus, Motorola, ASUS, and others patched their devices within a month on average.

UP NEXT: WhatsApp reports a 70% drop in forwarded viral messages after implementing limits

 

(Source, Via)