Save hundreds $ with Galaxy Z Fold6!

Report: Some Android phones are given credit for security patch updates they never received

By
20comments
Google News Follow
Follow us on Google News
Samsung HTC Sony Software updates Google Xiaomi
Even though the phone showed it received all updates from 2017, the Samsung J3 actually missed 12 of them - Report: Some Android phones are given credit for security patch updates they never received
Even though the phone showed it received all updates from 2017, the Samsung J3 actually missed 12 of them
A security outfit located in German says that some Android phone manufacturers are pulling the wool over their customers' eyes. Researchers working for Security Research Labs (SRL) discovered that companies like Google, HTC, Samsung, Sony, Motorola, ZTE, TCL and others are skipping over some Android security patch updates even though the phones show that they were installed.

SRL checked out the firmware on 1,200 Android handsets and looked for every patch disseminated in 2017. The results were interesting. Outside of the Google Pixel and Google Pixel 2, the tests revealed that even high-end flagship models made by the top manufacturers had Android security patch updates skipped over, even if the update was credited on the phone. By showing users that these patches were installed when they weren't, owners believe that their handsets are safer than they really are.

SRL founder Karsten Nohl says that in some cases, a manufacturer might accidentally miss a security patch update, or even two. But the Samsung J3 (2016) claimed to have every 2017 Android patch installed when in truth it had missed 12 updates, including a pair that were considered "critical" to keeping the handset safe and secure.

Besides manufacturers, SRL said some chip makers are to blame. In particular, phones powered by a MediaTek chipset had 9.7 missed patches on average. That could be due to the fact that some cheaper phones using less expensive chips are more likely to miss updates. SRL founder Nohl says, "The lesson is that if you go for a cheaper device, you end up in a less well maintained part to this ecosystem."

Google says that some of the devices in the study may not have been Android certified devices, which means that Google's standards of security would not apply to them. And some patches may have been missed, says Google, because the manufacturer removed the offending feature instead of fixing it with the patch. Google is working with SRL to delve deeper into its test results.

Recommended Stories
In Amsterdam this Friday, Nohl and fellow SRL researcher Jakob Lell will present at the Hack in the Box security conference, the results of their two-year test that revealed what they call the "patch gap."


source: Wired
https://m-cdn.phonearena.com/images/users/39-200/Alan-F.jpg
Alan Friedman Mobile Tech News Journalist
Alan, an ardent smartphone enthusiast and a veteran writer at PhoneArena since 2009, has witnessed and chronicled the transformative years of mobile technology. Owning iconic phones from the original iPhone to the iPhone 15 Pro Max, he has seen smartphones evolve into a global phenomenon. Beyond smartphones, Alan has covered the emergence of tablets, smartwatches, and smart speakers.

Recommended Stories

Loading Comments...

Popular stories

T-Mobile introduces welcome change for iPhone users
T-Mobile introduces welcome change for iPhone users
Time has come to say goodbye to T-Mobile app after 12 years
Time has come to say goodbye to T-Mobile app after 12 years
T-Mobile stores will have a special gift waiting for you this Tuesday
T-Mobile stores will have a special gift waiting for you this Tuesday
Amazon and Best Buy are selling the Pixel 9 at a huge discount well ahead of Black Friday
Amazon and Best Buy are selling the Pixel 9 at a huge discount well ahead of Black Friday
Samsung survey asking for Galaxy S25 wishlist reveals the phone's early release date
Samsung survey asking for Galaxy S25 wishlist reveals the phone's early release date
BestBuy somehow deepens its Pixel 9 discount to $350
BestBuy somehow deepens its Pixel 9 discount to $350

Latest News

Epic early Black Friday sale lets you save up to $1,100 on the Galaxy S24 Ultra at Samsung
Epic early Black Friday sale lets you save up to $1,100 on the Galaxy S24 Ultra at Samsung
The stylish Galaxy Watch 7 is a steal with this pre-Black Friday promo at Samsung
The stylish Galaxy Watch 7 is a steal with this pre-Black Friday promo at Samsung
Apple iPhone SE 4 release date set for March with LG Innotek camera module
Apple iPhone SE 4 release date set for March with LG Innotek camera module
Red Magic 10 Pro+ live images surface ahead of tomorrow’s announcement
Red Magic 10 Pro+ live images surface ahead of tomorrow’s announcement
Apple's Beats Solo 3 come with amazing battery life at a nice $69 price in early Black Friday deal
Apple's Beats Solo 3 come with amazing battery life at a nice $69 price in early Black Friday deal
Realme 14 Pro Lite mid-ranger tipped to arrive early next year
Realme 14 Pro Lite mid-ranger tipped to arrive early next year
FCC OKs Cingular\'s purchase of AT&T Wireless