"Google: 'Vulnerabilities Persist Too Long on Android'"

Google has published its annual report regarding zero-day vulnerabilities. In the report, Google's Threat Analysis Group (TAG) notes that patches are often unavailable to Android users for too long. The research group discovered 41 zero-day vulnerabilities in the wild. As the developer of Android, Google controls its own patch policy, whereas many smartphone manufacturers release their own version of the operating system. Examples include Samsung's OneUI and Nothing's NothingOS, but numerous others exist. After each Android update, there may be some delay between the release of a patch for "vanilla" Android, such as that found on Pixel smartphones, and the release of patches for Android offshoots. Google does not identify a specific vendor whose parch policy is not in order. This article continues to discuss key findings and observations from Google in regard to zero-day vulnerabilities. 

Techzine reports "Google: 'Vulnerabilities Persist Too Long on Android'"