With Samsung acting in response to the Stagefright vulnerability by issuing monthly security patches to its Galaxy devices, it seems that Google is following suit. A recent vulnerability known as Stagefright showed that it is possible for hackers to control a device through a nefariously sent MMS. Google says it will shore up its platform further by issuing monthly security patches.
We hope with the platform operator and Android’s biggest vendor now offering monthly patches that other manufacturers will follow suit, especially the major ones. Google has often said that Android leaves its hands in stock form and is completely secure, but becomes unsecure in the hands of third parties. The company has often fought the perception that Android is a security risk, but problems like Stagefright certainly do not help.
Google says that its monthly patches will be different to major Android updates, which will continue to land sporadically (major builds now every year), although the company says only its Nexus line will be open to the monthly patches. That includes owners of the Nexus 4, Nexus 5, Nexus 6, Nexus 7, Nexus 9, Nexus 10, and Nexus Player.
Google says the patches will be issued from 3 years after a product is launched and 18 months once it is purchased from the store.