One of the most prevalent issues with the Android ecosystem is the delayed, and sometimes missing, security updates. In a bid to tackle the issue, Google has announced that it’s making it easier for Android OEMs to roll out security updates. During the “What’s new in Android Security” talk at the Google I/O developer conference, the company’s head of Android platform security David Kleidermacher highlighted the upcoming security changes in the Android P release.
Starting with Android P, OEMs will be able to push Android security updates faster, thanks to the changes introduced with Project Treble. According to a recent report from XDA, Kleidermacher revealed that the company has modified its OEM agreements to include provisions for regular security updates for all devices.
Kleidermacher was quoted saying:
“We’ve also worked on building security patching into our OEM agreements. Now this will really…lead to a massive increase in the number of devices and user receiving regular security patches.”
While Google releases its monthly security patch bulletins in the first week of each month, it releases the updates to OEMs and vendors a month in advance. Despite the fact that OEMs receive the updates well in advance, Google doesn’t require OEMs to update their devices with the latest security patches which results in the slow rollout of the security updates and a few OEMs just don’t push the updates at all.
With the updated partner agreement, it’s expected that OEMs will have to push security updates in a timely manner. As of now, there aren’t any additional details about the updated Android partner agreement, so we can’t be sure how often Google will require OEMs to implement these patches. It’s also unclear as to how Google plans to check if the security patches are being rolled out properly. Nonetheless, the changes made to the Android partner program will definitely be beneficial for million of Android users.
