Every vendor must do it – issue cyber security patches.
For app vendors, if you use the app, you get the updates. For operating systems like Windows and the various flavours of Apple OS it is straight forward as the vendors have direct control of the OS and push regular updates.
Things become more difficult when it comes to open-source operating systems. Linux and Google Android have many vendors using them and supplying them to customers – however when a flaw is found in the core open-source code, it is not guaranteed that the vendor will apply the patches to their product quickly. I have experience of this when trying to keep my Linux laptop updated and I know that some Android devices I have dealt with were missing updates.
But Android does have flaw that need fixing:
Google fixes Android kernel zero-day exploited in attacks
Your Takeaway
Google produced devices and devices from the big suppliers such as Samsung get the updates in good time but as with any cyber security updates you should check that your devices receive them.
Ask yourself this question. “How many unpatched Android devices are being used as BYOD devices by your team?”
Clive Catton MSc (Cyber Security) – by-line and other articles
