Google will now disclose security issues in third-party devices

(Image credit: Shutterstock / Askobol)
Audio player loading…

Google has announced a new initiative that will look to manage and resolve security issues found to affect third-party Android devices and software produced by OEMs. 

The Android Partner Vulnerability Initiative (APVI) provides users of non-Pixel devices with an added layer of protection while boosting the security profile of the entire Android ecosystem. 

The new system will include popular Android devices from manufacturers such as ZTE, Xiaomi and Huawei, giving users more security information if any issues are detected.

Google security

Under the APVI, users will be informed when Google discovers security bugs for Android products not serviced by the firm internally.

According to the Google Security Blog, the APVI has already identified several security issues which have led to new user safeguards being put in place. These include protections against permission bypass vulnerabilities, overly-privileged apps and credential leaks. 

“All Android partners must adopt [Android Security Bulletin] changes in order to declare the current month’s Android security patch level (SPL),” the blog read (opens in new tab). “But until recently, we didn’t have a clear way to process Google-discovered security issues outside of [Android Open Source Project] code that are unique to a much smaller set of specific Android OEMs. The APVI aims to close this gap, adding another layer of security for this targeted set of Android OEMs.”

As well as facilitating the faster resolution of security faults, the APVI will also provide Android users with a greater level of transparency regarding vulnerabilities. Previously, any faults affecting Android OEM devices were not disclosed publicly. 

Via BleepingComputer (opens in new tab)

Barclay has been writing about technology for a decade, starting out as a freelancer with ITProPortal covering everything from London’s start-up scene to comparisons of the best cloud storage services.  After that, he spent some time as the managing editor of an online outlet focusing on cloud computing, furthering his interest in virtualization, Big Data, and the Internet of Things.