Google blames manufacturers regarding the delay in fixing security issues

Google thinks the patch gap is the result of manufacturers releasing security updates for their devices after they should have. One of the corporation’s top security worries for 2022, according to the company, was the patch gap.

Android is the most widely used mobile operating system in the world, powering over 2 billion active smartphones. The end consumers won’t receive the security patches at the same time because of their fragmented nature and customizations by various manufacturers. Apple’s iOS, in contrast, is managed by a single entity and allows for simultaneous distribution of update packages to all users.

Google attributed the delay in resolving security flaws on Android devices on smartphone manufacturers

The most recent Google report, “Year in Review of 0-Days,” highlighted security issues by blaming manufacturers for their slow distribution of updates to end users. The tech behemoth reported that in 2022, they observed “a series of cases where the upstream vendor had released a patch for the issue, but the downstream manufacturer had not taken the patch and released the fix for users to apply.”

Of course, Google claims that most upstream/downstream relationships contain patch gaps. On Android, they are longer and more frequent. A vulnerability in the ARM Mali GPU is one instance of a manufacturer delaying fix releases to end users. Although ARM published a fix for the problem in October 2022, it took users until April 2023 to obtain the patch.

Another illustration is a security flaw discovered in the most recent Samsung Internet browser. because the program was using a seven-month-old version of Chromium 102. This opening could be used by hackers to attack the program. Google has now urged manufacturers to release security updates to consumers more quickly so they can defend themselves. The IT behemoth also requested a thorough examination to pinpoint the causes of vulnerabilities. In order to safeguard themselves against online attacks, users must also maintain their devices updated with the newest security updates.