The Stagefright bug, which could see Android phones hacked using a single message, seems to have shocked manufacturers into taking smartphone security seriously. Many have already issued fixes, but several have gone a step further, and announced they will be sending out security patches on a regular basis.
Updated on 08-07-2015 by Andy Boxall: Added in comment from ZTE
Samsung commits to monthly security fixes
Samsung was one of the first to officially announce such a scheme. In a post on its official Samsung Tomorrow site, the company says it’ll be pushing the fixes over-the-air when new vulnerabilities are uncovered, and expects to be sending one out on an approximately monthly basis. It freely admits the Stagefright problem prompted it into taking action.
However, don’t just expect these updates to start showing up immediately. Samsung still has to work with networks around the world to ensure the new software is sent out in a timely manner, and hasn’t announced which phones it will be concentrating on. Samsung’s range of Android devices is huge, it’s unlikely to address them all instantly, and some older models may not be covered at all.
Google will keep Nexus hardware updated
That’s certainly the way it works for Google, which has also announced something similar, in light of the Stagefright security problem. Google will send out a monthly security update to Nexus phones and other hardware up to three years old. Its first such software update, which addresses Stagefright, is available for the Nexus 4, Nexus 5, Nexus 6, Nexus 7, Nexus 9, Nexus 10, and the Nexus Player.
LG’s also ready to deliver monthly security updates
LG has already started update Android devices vulnerable to Stagefright, and has also issued a statement on its future intentions, saying: “As an additional step, LG will be providing security updates on a monthly basis which carriers will then be able to make available to customers immediately. We believe these important steps will demonstrate to LG customers that security is our highest priority.
Sony will work on a case-by-case basis
Sony doesn’t want to commit itself to monthly Android security updates, and instead is happy to address them on a case-by-case basis, at least that’s the impression from its statement provided to Digital Trends. It reads: “Sony Mobile takes the security and privacy of customer data very seriously. We work continuously with our smartphones, tablets and wearable devices to ensure they provide safe and secure experiences for users and will look to mitigate and eliminate any specific security issues where necessary.”
It suggests any Sony smartphone or tablet owners contact their “local customer care center,” if they have any concerns.
ZTE’s fixing Stagefright
We contacted ZTE to find out what its plans are regarding Stagefright and future Android security updates. It’s in the process of working with Google on securing its Android hardware against the bug, but doesn’t have any announcements to make regarding the frequency of any ongoing security updates.
Whether other companies such as HTC, or Huawei commit to long-term security updates remains to be seen. We’ve made contact with several on the subject, and will keep you updated here on any further news.
If you’re concerned about the Stagefright bug affecting your phone, you can read our in-depth guide to it here.
Updated on 08-06-2015 by Andy Boxall: Added in comment from Sony
- What is Android fragmentation, and can Google ever fix it?
- Epic Games unhappy with Google’s disclosure of ‘Fortnite’ launcher vulnerability
- Google to shut down Google+ after exposure of 500,000 users’ data
- Purchasing a used smart speaker? A hacker could be listening to you
- Will Toyota finally cave to buyer demand and offer Android Auto?