Security updates on mobile operating systems have typically been bundled inside larger patches that include other bug fixes and improvements. Unfortunately, the world of security exploits isn't tuned to a company's release schedule, which can leave devices and platforms vulnerable to exploits for long periods of time. Microsoft recognized this issue long ago and has since used Windows Update to roll out regular security patches when needed. With the growth of mobile, more attention is now being placed on the security of smartphones and tablets.

Google appears to have come to the same realization as Microsoft, and today they announced that they will start pushing monthly security updates over the air to Nexus devices that are still within their support timeframe. The list of supported devices includes the Nexus 4, Nexus 5, Nexus 6, Nexus 7 (both generations), Nexus 9, Nexus 10, and Nexus Player. In addition to security fixes, the monthly OTA updates will include general bug fixes, but the focus is primarily on security improvements.

The first monthly patch for Nexus devices is rolling out today, although as usual it may take some time to get to your device due to Google's staged rollout system. In addition to this announcement, Google has also implemented a long rumored change to their Nexus update policy. While in the past devices were guaranteed 18 months of updates, under the new policy they will be supported for two years of major software updates, and security updates will continue for three years or eighteen months after the device is discontinued on Google Play depending on which is longer.

Source: Google Android Blog

POST A COMMENT

41 Comments

View All Comments

  • Yofa - Wednesday, August 05, 2015 - link

    nexus 9? Reply
  • trekinator - Wednesday, August 05, 2015 - link

    It is listed in the source article, so I think it will be getting the same treatment. Reply
  • Brandon Chester - Wednesday, August 05, 2015 - link

    Yes, sorry for omitting that. Reply
  • danbob999 - Wednesday, August 05, 2015 - link

    Another advantage of having a Nexus.
    Phones need security updates just like PCs.
    Reply
  • Daniel Egger - Wednesday, August 05, 2015 - link

    Sorry Google, but far too little *AND* too late. What is needed here is a new requirement that all vendors who want to use the Android moniker and/or the Play Store are required to submit to the same update policy. Anything else is just ridiculous and simply not acceptable. Reply
  • trparky - Wednesday, August 05, 2015 - link

    Yes, very much so.

    It should be simple... Want to build an Android-powered device? Want to include Google Services on your device? You must provide security updates for a period of no less than 4 years! If a device can't handle the latest version of Android security patches MUST be patched into older versions to maintain security of those older devices.

    We live in a world in which the barbarians are at the gates. Mobile device security must be taken just as seriously as we do on our PCs. These devices are not just phones, they are computers in every way; the only difference is that one is sitting on a desk and the other is being held in a hand. Just like Microsoft pushed security updates on a monthly schedule, so should the Android OEMs be forced to as well. To not be pushing out updates is playing with the security of people's personal data, and that's scary.
    Reply
  • reuthermonkey1 - Wednesday, August 05, 2015 - link

    Or, you know, only purchase devices from vendors that enact such policies... Reply
  • Cogman - Wednesday, August 05, 2015 - link

    Not strong enough. The problem isn't just with the vendors but the carriers as well. I have a Galaxy S4 on tmobile and I'm still waiting for the Lollipop update which came out and was released by samsung nearly a year ago. T-mobile, get your act together. That is the last time I buy any sort of phone from them (and I'm seriously considering ditching them. This is a horrible way to treat your customers). Reply
  • WorldWithoutMadness - Wednesday, August 05, 2015 - link

    Nothing new with Samsung's treatment. I was Galaxy S user and they ditched the support to ICS saying the hardware is obsolete but guess what, cyanogenmod can release it.
    I won't give money to samsung mobile anymore, anything with google UI (AOSP) is the best for me.
    Reply
  • Gigaplex - Thursday, August 06, 2015 - link

    At least you got KitKat. My carrier held my S4 back to Jellybean until I eventually flashed an unbranded ROM. Reply

Log in

Don't have an account? Sign up now