Android phones from Google, Samsung and LG to get monthly security updates

Google, LG and Samsung phones are to start receiving monthly security updates, hopefully putting an end to the long times that their owners have to wait to have vulnerabilities patched up.

When security problems are made public, phone companies are often criticised for being too slow in patching them up — leaving them vulnerable to use by hackers. But the three companies will now push out the updates on a monthly schedule, in the wake of one of the worst Android bugs ever found.

The “Stagefright” bug was made public last week, and could allow hackers to take control of phones by just sending a text message to them. Google fixed the problem soon after it was made aware of it, in April — but phone networks haven’t pushed them out to all handsets yet, meaning many are still vulnerable.

The new security updates are aimed at stopping a similar situation from happening again. The updates will be pushed over the air by the phones’ manufacturers, rather than relying on the often dangerously slow networks.

All of the first updates will be addressing the Stagefright vulnerability, and will be pushed out soon.

Google is already pushing the first such update to its Nexus devices, it said in a blogpost. “The first security update of this kind began rolling out today, Wednesday August 5th, to Nexus 4, Nexus 5, Nexus 6, Nexus 7, Nexus 9, Nexus 10, and Nexus Player,” according to a blog post by Adrian Ludwig, lead engineer for Android security, and Venkat Rapaka, director of Nexus product management.

Samsung said in a blog post that it “will implement a new Android security update process that fast tracks the security patches over the air when security vulnerabilities are uncovered. These security updates will take place regularly about once per month.”