Last year, a massive security vulnerability was discovered, which targeted a core component of the Android OS, known as Stagefright, and was believed to affect almost a billion Android devices. The security researcher who published details of the vulnerability said he had created patches and sent them to Google months earlier, but the slow pace of Android updates meant that many devices continued to be left unprotected.
Soon after that, Google announced that it was launching monthly security updates for Android, and major manufacturers such as Samsung and LG quickly committed to delivering the monthly patches to some of their devices.
Motorola, however, was not among them - and it seems that"s not going to change any time soon.
At the launch of the Moto Z last month, Ars Technica asked Motorola if it planned to commit to delivering monthly security updates for the device. It responded with an unequivocal "no". But a later statement from the company led to some ambiguity over whether it might intend to do so:
Moto Z and Moto Z Force will be supported with patches from Android Security Bulletins. They will receive an update shortly after launch with additional patches.
Of course, that"s not quite the same thing as a firm commitment to delivering monthly updates. Pressed for clarification, Motorola issued a further statement - and unfortunately, for its customers, it"s not good news:
Motorola understands that keeping phones up to date with Android security patches is important to our customers. We strive to push security patches as quickly as possible. However, because of the amount of testing and approvals that are necessary to deploy them, it"s difficult to do this on a monthly basis for all our devices. It is often most efficient for us to bundle security updates in a scheduled Maintenance Release (MR) or OS upgrade.
As we previously stated, Moto Z Droid Edition will receive Android Security Bulletins. Moto G4 will also receive them.
So while some of Motorola"s devices will receive the security updates, the company has no intention of delivering them in a timely fashion. As Ars Technica notes, last year"s Moto X has only received the monthly patches roughly once every quarter, and the most recent update delivered to the Moto Z was from May.
While delivering these updates less frequently is clearly more efficient for Motorola, it"s obviously far from ideal for its customers, whose devices remain unprotected by the latest security improvements and fixes until the company eventually gets around to releasing them, sometimes months late. It"s not clear why Motorola is apparently incapable of adhering to a monthly rollout, when other major Android manufacturers are able to do so.
Motorola is owned by Lenovo, which hasn"t exactly had the best track record when it comes to security considerations on its devices.
Source: Ars Technica