Aside from the new frequent security updates, Google has finally patched Stagefright in its own Nexus smartphones. The Android developer explained that the majority of users were not exposed to the flaw thanks to application sandboxing limiting the amount of possible damage.
Google announced that its Nexus devices would receive major updates for at least 2 years and security patches in the Google Store for the longer of three years from initial availability or 18 months from last sale of the device. Samsung partially followed Google’s offering and confirmed that its consumers would receive their own security updates every month, but didn’t promise to patch smartphones for at least 3 years from release.
Android OS has been regularly criticized for tardiness in getting critical security updates to users. The problem is that the platform was created by Google, but it is used on mobile devices all over the world, and the company does not have direct relationships with the vast majority of users. All Google can do is fix its own open-source part of Android and pass the fixes on to device manufacturers, who are supposed to pass them on to end users. However, even the manufacturers may be not the last mile to customers: sometimes they have to ask the mobile phone carriers to push out updates to the devices. The longer chain takes longer time, and many Android devices are still vulnerable to malware known for a long time now. As you can understand, Apple’s iPhones have no problems like this, because Apple can push out updates to its phones when it wants. This is one of the reasons why consumers choose Apple despite the price and sometimes limited functionality: having an updated operating system is currently seen as a competitive advantage.
So, Google officially announced that the most popular Android phones would soon get their patches, models including HTC, LG Electronics and Sony Xperia.