News & Updates

User Beware – Vulnerabilities reported in 87% of Android Devices

Android users are still very much exposed to security threats – and most often than not, due to delayed response by the manufacturers. Prompt response when it comes to security updates, remains top priority not only for individuals but in securing computer systems for corporates and public corporations as well.

However, it may be shocking to find out that statistics in a recent study conducted by researchers in the Cambridge University show that these Android devices are only updated at the average of 1.26 times a year. That leaves security on these devices vulnerable for long periods of time – and that’s the brutal truth.

To paint the picture clearer, the study reported that out of 20,400 Android devices from which data were collected showed that approximately 87% of the devices were vulnerable to critical vulnerabilities such as TowelRoot and FakeID; and many which were unknown bugs.

Moreover, in large, users are usually left in the dark when it comes to security updates about their Android gadgets. This does not, however, seem intentional as there exists a gap in information between the manufacturers and the Android users. Researchers call this gap a “market for lemons”:

“Where on the one hand, manufacturers receive information on the level of security of devices along with security updates, if any, whilst on the other hand we have users which are pretty much in the dark.”

Manufacturers such as Google, Samsung and other big brands are upping the game when it comes to patching devices. Some credit should perhaps be given to the Stagefright incident that woke up giants like Samsung and Google from their slumber in the security arena.

Related Post: How to Stay Safe from Stagefright Android Vulnerability

Despite this, there is also the logistic issue that causes a delay when manufacturers provide Android software together with their own. Makers such as Samsung and T-Mobile vendors would need to “repackage” their software to fit these ready-made security fix. Then it is up to the carriers to approve and deliver the updates. The result – users receive the security updates at a later date, if at all. For the same reason, HTC has reported that it is “unrealistic” to expect monthly updates.

While researchers are critical of the manufacturers for the “bottleneck”, consumers continue to carry the burden of selecting devices that have better security support.

Leave a Comment