Just 50% Android smartphones received a security patch in 2016

Just 50% Android smartphones received a security patch in 2016

Just 50% Android smartphones received a security patch in 2016

Google, today, released its Android Security 2016 Year In Review report outlining its top findings from the past year. And the results make for very interesting reading.

In a nutshell:

  • Just 3 percent of all Android smartphones run on the latest version of it’s operating system

  • 50% of all Android devices received a security update last year

  • There are atleast 1,500 variations of every version of the Android operating software

  • Over 100 security researchers made public contributions to Android in 2016, for a total of nearly 1 million dollars in security rewards

  • In 2016, approximately 380,000 people used Android Device Manager to find their phones each day

There are two ways of looking at the findings. On one hand, it is fantastic news that the percentage of people downloading apps and software outside of Google Play Store has come down a lot. But the fact that just 50 percent of Android devices have received security updates in 2016 is quite shocking.

‘The danger is real’: Germany’s cyber security chief on hacking and security strategy before elections

Although the number goes up to 73% for European phones that received an update for the same period, it is nowhere near where it should be. Add to this the fact that most companies allow workers to bring their own devices to work and most have their work emails on their phones, the situation makes for difficult reading.

BYOD has become very popular with companies trying to streamline costs especially with workers preferring to use their own smartphones. While their loss or theft puts enterprises at substantial risk, it also comes from jail broken or rooted phones.  And it isn’t just a matter of receiving a patch and applying it.

Google & Jigsaw launch ‘Protect your elections’ cyber security package

Phone manufacturers like Samsung, LG and Sony have several different handsets being sold in different countries running different versions of the operating system. Smartphones sold as part of a contract by networks are usually locked to them and are loaded with their own skins before being sold.  So for Google to police the Android operating system is very difficult. However, the report also points out some achievements year on year…

By Q4 2016, fewer than 0.71% of devices had Potentially Harmful Applications (PHAs) installed and for devices that exclusively download apps from Google Play, that number was even smaller at 0.05%.

We streamlined our boot-up process to make it easier to install over-the- air (OTA) security updates. To support this faster boot up, we implemented le-based encryption, which also better isolates and protects individual users on a device.

There have been several other updates that users can activate themselves to keep data safer like individual apps having to take permission before accessing camera, gallery etc.Google Android security options for consumers


While the updates are impressive, given the scale, they aren’t enough to protect against targeted hacking or breach attempts. However, Google also did perform 790 million Android device scans daily in 2016 and as Adrian Ludwig, Google’s director of Android Security told Wired magazine: “We’re proud of the fact that half of devices received an update in 2016, but that’s not sufficient. We think it’s an indication of good progress. It doesn’t mean we’re done.”

Copyright Lyonsdown Limited 2021

Top Articles

Double trouble: the rising threat of double-extortion ransomware

Ransomware attackers continue to threaten businesses at an increasing scale, speed and sophistication.

The blurring line between nation-state and cyber-criminals

Russia is widely known to be involved in a plethora of cyber-criminal activity.

XDR: Delivering value where SIEMs fail

Implementing an XDR solution means faster detection, and remediation of cyber incidents

Related Articles

[s2Member-Login login_redirect=”https://www.teiss.co.uk” /]