AOSP hints at new security update system for faster patches

Google may be changing the way it handles monthly security patches, and the result could be faster and more consistent updates.

According to XDA, Google might start separating the Android Framework patch level (relating to the operating system), from the Android vendor patch level (that which the hardware makers like Qualcomm deliver), meaning OEMs could roll out the most recent Framework updates even when hardware makers are months behind.

Editor's Pick

class="ra-title">Google's April 2018 Android security patch available for download

Google has just released the April 2018 Android security patch for all current Pixel and Nexus devices. Factory images and OTA files are available now at the links below, though there are a few things …

Currently, both Android Framework and vendor component vulnerabilities must be addressed for devices to be patched to the latest level. While this proposed update method wouldn't mean vendor-side concerns like Bluetooth or Wi-Fi vulnerabilities are patched any faster, it does mean that OEMs wouldn't have to wait around to deliver their part of the deal.

XDA points to a recent commit in the Android Open Source Project (AOSP) as evidence for the potential change, which adds a separate "VENDOR_SECURITY_PATCH" level label to the system. It looks like a further refinement of what Google has started with Project Treble.

This is pure speculation for now and Google may have altogether different plans for the labelling. At the very least, however, it looks like Android users may get a clearer picture of where their devices are at in terms of OS and hardware security.

from Android Authority https://ift.tt/2Heycpe
via IFTTT

Tweet

Subscribe to receive free email updates: