Users in the United States often have to wait for a very long time to get software and security updates on their mobile devices, most devices don’t come with a guarantee that they’ll even receive these updates, and this has got the regulators thinking now. The Federal Trade Commission and the Federal Communications Commission have teamed up to look into the matter of slow and missing security updates for mobile devices.
Both regulators are now conducting separate but parallel inquiries into how important security updates are managed by mobile device makers. The FCC singles out as an example to show that important security patches are often not deployed by all manufacturers in a timely fashion. The regulators are worried that should the status quo prevail, older devices will be left behind and delays for devices that do receive security patches will be considerable. The FTC has ordered eight companies to provide information for the inquiry, the companies include Samsung, Motorola, LG, Microsoft, HTC, Google, Apple, and BlackBerry. The companies have been asked to provide data on how they decide whether or not to patch a device, it’s also interested in finding out if any of these companies have sold devices in the past few years that still have any unpatched vulnerabilities.
The industry did make a commitment to timely deploy security patches following the Stagefright saga after which Google started releasing monthly security patches for Android. Some OEMs, , followed suit but there are still many OEMs that haven’t been deploying patches as quickly as they should be.
Both regulators are now conducting separate but parallel inquiries into how important security updates are managed by mobile device makers. The FCC singles out as an example to show that important security patches are often not deployed by all manufacturers in a timely fashion. The regulators are worried that should the status quo prevail, older devices will be left behind and delays for devices that do receive security patches will be considerable. The FTC has ordered eight companies to provide information for the inquiry, the companies include Samsung, Motorola, LG, Microsoft, HTC, Google, Apple, and BlackBerry. The companies have been asked to provide data on how they decide whether or not to patch a device, it’s also interested in finding out if any of these companies have sold devices in the past few years that still have any unpatched vulnerabilities.
The industry did make a commitment to timely deploy security patches following the Stagefright saga after which Google started releasing monthly security patches for Android. Some OEMs, , followed suit but there are still many OEMs that haven’t been deploying patches as quickly as they should be.