Google is looking into the possibility of requiring device manufacturers to regularly patch their devices, by incorporating such a provision into future OEM agreements, Google head of Android security David Kleidermacher announced in a presentation at the Google I/O Developer Conference last week.
“We have a pretty steady track record for years now, every single month delivering… patches to the market,” said Kleidermacher at the event. “We want to make sure that all Android OEMs are delivering patches regularly to their devices as well, not just Google's devices.
Kleidermacher said that building security patches into OEM agreements “will really lead to a massive increase in the number of devices and users who are receiving regular security patches.”
“Since Google has not shed more light on the terms of the agreements, there's no telling at this point if they will apply only to new and/or flagship devices or whether older devices will also stand to benefit from the new policy,” commented Tomas Foltyn, security writer at ESET, in a blog post covering Google's announcement.