Report: Some Android phones do Conceal Skipped Security Upgrades from Users

A security firm based in German recently revealed that several Android handset makers are hoodwinking their clients with certain security fix upgrades. Experts working in Security Research Labs found that firms such as Motorola, ZTE, TCL, Google, HTC, Samsung, Sony, and others are omitting certain Android security patch upgrades. However, the users won’t notice it as in the handset it will show that these security updates were installed. Security Research Labs looked over the firmware on various Android devices(1,200 to be exact) and searched for all patch distributed last year. The outcomes were intriguing.


Apart from the Google Pixel as well as Google Pixel 2, the tests showed that even top-end smartphones created by the leading companies had skipped Android security fix upgrades and showing people that these security patches were mounted while they weren’t. Security Research Labs establisher Karsten Nohl states that occasionally, a producer may by accident overlook a security patch upgrade, or even two. While considering the case of Samsung J3 (2016), It is asserted that the device received all 2017 Android patch updates added while in fact, it had skipped 12 upgrades, which includes a pair which was deemed “critical” to holding the phone safe and secure.

Apart from producers, SRL stressed several chip manufacturers are to accuse. Especially, handsets supported by a MediaTek chipset received 9.7 skipped patches on average. Which may be simply because of that certain less expensive devices utilizing cheaper chips usually tend to lose upgrades. Google states that several of the handsets in the research have been Android accredited handsets, which implies that Google’s standards of security will not affect them. As well as a few patches might have been skipped, states Google, since the producer taken away the offending feature rather than repairing it with the security update. Google is working with Security Research Labs to plunge much deeper into its test results.

Source Via

Comments are closed, but trackbacks and pingbacks are open.