Redmi 3S

[Discussion] What Are Monthly Security Updates On Your Android Smartphone?

2017-08-10 12:27:51
3850 87
Hi, Mi Fans!
Every one of us is familiar with Android version updates like Lollipop, Marshmallow, Nougat, Android O... But if you take a look at About Phone in your device settings, you may find an option 'Android Security Patch Level'. Have you ever thought what this is?
Apart from annual Android updates, Google releases a security update each month, which aims to correct flaws in their system. The objective is to ensure continued protection for users and to react quickly to security problems that could arise. In this thread, we’ll outline the corrective measures issued by Google.
Android is a Linux based OS, so security patch level plays a prominent role when it gets updated. What it exactly does is:
- Fix various bugs in previous kernels
- Prevent hackers from accessing your devices in various ways possible. (Just to make your device Hacker-proof for time being.)

Working of Monthly Security Updates
To make Android a secure system, Google has put a monthly security update program in place for all devices running on Android. This program is rolled out in three stages:

- The first stage is development. Having identified the flaw, Google's engineers develop the update and prepare it for testing.

- The second stage is testing. Google sends the update to its collaborators, who are the smartphone manufacturers so that they can test it on their products.

- Once testing has finished, the update is distributed to users by the manufacturers through an OTA (Over-The-Air) update. Finally, a public notice stating the corrected patches is distributed on the website to inform users that the update is available.
Who implements the monthly security updates?
This monthly security update program relies on manufacturers’ good will. If they don’t make the effort to offer the updates to users, their smartphones will remain vulnerable. Few manufacturers like Xiaomi distribute the updates to their devices every month. Whereas some manufacturers wait several months to do it.

What new features come with monthly security updates?
These updates neither bring about any changes nor adds any features. They just correct the flaws and vulnerabilities in the system.

Flaws corrected by July’s security patch
After the last update in June, which saw the correction of 60 issues, June’s update was even more comprehensive with 108 Android flaws, 27 of which were critical. These flaws were with Android versions 4, 5.0, 6.0, 7.0 and 7.1.
Some critical flaws could potentially allow a harmful application to take control of your smartphone. Fortunately, Google explained that there had never been “any reports on an active exploitation or abuse of these newly reported problems”. Most of the flaws concerned the code supplied by Qualcomm for its components (processor or modem) but Google has proved its willingness to correct its errors and provide users with continued security. Among other issues corrected in June, there were problems with Bluetooth, in the Media framework, in the libraries, and with the user interface system.

Flaws corrected by August's security patch
  • A moderate issue in the Android runtime that could enable privlidged code execution has been patched.
  • Again we see numerous issues that could allow remote code execution through the media libraries patched, with some changes going back to Android 4.4.
  • Qualcomm has patched numerous escalation of privilege issues in the Snapdragon platform. These include moderate vulnerability patches for video, the GPU, and USB input/output. Since these include closed source changes, new versions are available from Qualcomm for your device manufacturer to implement as needed.

Flaws corrected by September's security patch
  • The main issue this month revolves, once again, around a vulnerability in the media framework that, when paired with exploitative code, could remotely execute malware on a user's device.
  • Some of these patches go back to Android 4.4 KitKat.
  • A runtime bug has been patched that would allow a remote user to execute code that could cause an app to hang.
  • Broadcom has once again issued a number of patches for its Wi-Fi drivers.
  • MediaTek and Qualcomm have each patched a number of drivers that could potentially allow remote attackers to execute code.


These security patches are the most important updates that you will ever get. So once you get an update notification in updater app, install them.

What do you think of the monthly android security updates?
Let us know your thoughts in the comments below.

Credits: Android Security Bulletin

Rate

Number of participants 6 Experience +65 Pack Reason

View Rating Log

2017-08-10 12:27:51
Favorites29 RateRate
Great Thread Bro. Thanks for your information
2017-08-12 13:41:18

Device team

MridulSharma | from Redmi 3S

#2

Indeed a great thread. Nice to see information about something which very few know about. :)
2017-08-12 13:49:29
Great Thread Bro.
Nicely explained
2017-08-12 20:19:54

Regards ASK help
explained too simply..
2017-08-12 22:06:06

Bunny Master

1660027672 | from Redmi 3S

#5

nice.........
2017-08-12 22:24:45
Please dont get me wrong. i am not stating negative criticisms since i rely on Xiaomi, but this line "Few manufacturers like Xiaomi distribute the updates to their devices every month. Whereas some manufacturers wait several months to do it." is misleading. Xiaomi does not in any way give monthly security updates. i am not using the word that its a 'lie' but then again its not true either.

i use Redmi 3s Prime device. The OS version that i am using is 8.5.3.0 Stable (MALMIED) and i can clearly see that the Android security patch level is of 2017-04-01 that means of April, which is outdated of course. Xiaomi did not give any standalone security patch after that and it only gives latest patches with its OS updates. Hence all of our devices are very vulnerable to attacks. If in any way i am wrong or misunderstood, i request any mods / admins to correct me in this topic.  
2017-08-13 12:51:45

Bunny Avanzado

Shuvradeb Biswas | from Redmi 3S

#7

Thanks for sharing the information.
2017-08-13 21:30:23

Bunny Avanzado

1640803177 | from Redmi 3S

#8

mi didn't give mi update since april
2017-08-13 21:53:46

Bunny Avanzado

Devkumark5 | from Redmi 3S

#9

nice work..
2017-08-14 03:28:40

Bunny Avanzado

Devkumark5 | from Redmi 3S

#10

nice work..
2017-08-14 03:29:13
please sign in to reply.
Sign In Sign Up
  • Followers

    206

  • Threads

    53

  • Replies

    4948

  • Points

Бета тестер
MIUI 8
Prisma
India 2nd year
100K members
Redmi 3S
APP scratch card
6th MIUI
Mi Max
Independence Day
Power At Last
Photography
AP2 Livestream
100 threads in a Month
2016 Diwali with Mi
300K Members
Go Smash!
3 дня подряд
7 дней подряд
21 день подряд
40 дней подряд
70 дней подряд
100 дней подряд
Shake!!Shake!!
Lucky Draw No.
500K Members
Christmas Contest
2016 Christmas
Mi Explorers
2016 #ThrowbackwithMiComm
Pokemon Go!
App Review
1 million members
Xiaomi 7th Birthday
New Home
Fitness Guru
100 threads in a Month
June-100 replies in a month
more power more life
Winner
July-100 replies in a month
Aug-100 replies in a month
Sep-100 replies in a month
Oct-100 replies in a month
1st Anniversary
Columnist
APP scratch card
71st Independence Day
My Poster My Life
MIUI 9
MIUI 7th Anniversary
Dirgahayu ke-72 Indonesia
2 million registered members
Mi Путешетсвие
Newbie Member
150.000 Pengguna
Diwali
200 000 пользователей
Helloween 2017
Halloween
Halloween
World Records
Twitter Medal
Device Team Member

Mi Comm APP

Stay updated on Mi Products and MIUI

Copyright
Content Policty
Quick Reply To Top Return to the list