Google to require Android OEMs to push security updates more regularly

By | 11th May 2018

Google releases Android security updates for its phones every month, and there are a couple of other OEMs that are pretty good about releasing monthly updates, too. That's not the case with most device makers, though, and so Google is working to change that.

Google is building a security patch requirement into its OEM agreement for Android devices. David Kleidermacher, head of Android platform security, revealed the news at a talk during I/O 2018, saying that Google wants to be sure that all Android OEMs are regularly delivering security patches to their phones.

Here's Kleidermacher's full quote:

So at Google we have a pretty steady track record for years now, every single month delivering those patches to the market. We want to make sure that all Android OEMS are delivering patches regularly to their devices as well, not just Google's devices. And so making Android more modular with projects like Treble really help contribute to that.

We've also worked on building security patching into our OEM agreement. Now this will really lead to a massive increase in the number of devices and users receiving regular security patches.

If you'd like to hear Kleidermacher talk about this for yourself, you can do so starting at around 1:40 into the video above.

The details of this Google's security patch requirement is unknown, but this is still welcome news. We've seen several OEMs skip security updates for two or three months, especially on non-flagship devices, and so it'd be great to see security patches pushed more regularly, even if OEMs aren't required to send patches every month. Most people store a lot of personal info on their phones, and so it's important that they're kept secure.

r54roADX2MI