According to a study by Which company, more than 40% of active Android users around the world use OS version 6.0 or earlier. Therefore, they will not receive security updates and are at risk of cyberattacks.
One of the main complaints about the Android mobile operating system has always been related to the lack of a strictly debugged and timely delivery of security updates.
Each smartphone maker distributes patches in its own way, sometimes leaving devices in danger for months.
Researchers from Which analyzed the current situation and named the percentage of devices that will no longer receive important patches in the future.
According to a Which report, today more than one billion Android devices are vulnerable to various cyber threats.
“40% of Android mobile device users will no longer receive important security updates”, – analysts write.
The problem is that Android smartphones older than three years are no longer relevant, so manufacturers will not send updates to the operating system of these devices. On the other hand, they are still sold around the world. That is, a person can come and buy such a smartphone, but no one will work to maintain its safety.
Google, in its turn, is trying to fight malware and even urging vendors to release patches as soon as possible.
However, in reality, Android devices do not update quickly.
“Our latest analysis showed that all these smartphones are vulnerable to a number of malware and other threats. As a result, users can steal personal data or spam them with advertisements”, – emphasize experts.
According to the results of the Which, 42.1% of active Android users around the world use OS 6.0 or earlier: Marshmallow (2015), Lollipop (2014), KitKat (2013), Jellybean (2012), Ice Cream Sandwich (2011) or Gingerbread (2010). Thus, users of older devices are at risk of malware infection, data loss and cyberattacks.
As noted, updates receive the latest OS versions – Android 10, Android 9.0 Pie and Android 8.0 Oreo, while earlier versions are still vulnerable. For the study, experts purchased several mobile phone models, including Motorola X, Sony Xperia Z2, and Samsung Galaxy A5 2017, and found that they were all vulnerable to known vulnerabilities, including Stagefright and Bluefrag, as well as to Joker malware attacks.
“Google is committed to providing monthly security updates for its Pixel phones, as well as through the Android One program. Smartphones participating in the program receive security updates for at least three years, including OS updates“, – commented on a study Which representatives.
In 2018, Google included in the OEM agreement a condition under which vendors are required regularly update their devices. According to the contract, manufacturers of Android-based devices are required to install updates on popular models of smartphones or tablets for at least two years.
In this aspect, Nokia is ahead of other suppliers – 96% of devices sold since the third quarter of 2018 were equipped with the latest version of Android. Nokia is followed by Samsung (by the way, if you have Samsung, it is better not to relax – I wrote recently that the vendor amends the Android kernel that may impair security of the device) and Xiaomi with indicators in 89% and 84% of devices, respectively.