Recently a pretty nasty vulnerability in Android was discovered. It's being called Stagefright,
and it affects versions 2.2 Froyo and newer of the OS. There is a fix,
and thankfully it's now starting to be deployed through over-the-air
updates by different manufacturers and carriers.
But to ensure a more swift response to future situations of this
nature, two companies that are very important to the Android ecosystem
have announced some similar measures today.
Let's start with Google, the developer of Android and the company in
charge of software updates for the Nexus line. It has unveiled that,
going forward, it will release monthly security updates for the Nexus
devices, in addition to the usual platform updates.
The first such security patch is in fact rolling out right now to the
Nexus 4, Nexus 5, Nexus 6, Nexus 7, Nexus 9, Nexus 10, and Nexus
Player, fixing the aforementioned Stagefright exploit. According to
Google, Nexus devices receive security updates "for the longer of three
years from initial availability or 18 months from last sale of the
device via the Google Store".
At the same time, Samsung, the biggest Android device maker, has
committed to implementing a new security update process for its
products. This will fast track patches when new vulnerabilities are
uncovered. The updates will come to Samsung devices over-the-air
"regularly about once per month".
The Korean company is already doing some fast tracking in issuing a
patch for the Stagefright bug, but it "plans to further develop this
process and implement it as a timely security update practice".
No comments:
Post a Comment