Google’s Android Security and Privacy team announced a new project on Friday, Oct. 2, to improve non-Pixel devices’ security since device protection is incredibly important these days. The new program, called the Android Partner Vulnerability Initiative (APVI), will notify users when it identifies new security vulnerabilities or flaws that could affect OEM devices.
(Photo : Photo by Leon Neal/Getty Images)
LONDON, ENGLAND – AUGUST 09: In this photo illustration, A thumbprint is displayed on a mobile phone while the Google logo is displayed on a computer monitor on August 09, 2017 in London, England. Founded in 1995 by Sergey Brin and Larry Page, Google now makes hundreds of products used by billions of people across the globe, from YouTube and Android to Smartbox and Google Search.
“The APVI covers Google-discovered issues that could potentially affect the security posture of an Android device or its user and is aligned to ISO/IEC 29147:2018 Information technology – Security techniques – Vulnerability disclosure recommendations,” said the team.
Right now, the company has several programs that allow developers to notify Google if there are newly discovered vulnerabilities. These include the Google Play Security Rewards Program and the Android Security Rewards Program (ASR).
Google then sends ASR reports, via Android Security Bulletins (ASB), to Android Open Source Project (AOSP) based code. According to XDA Developers‘ previous report, ASB contains patches for vulnerabilities found in the Linux Kernel, the Android framework, and closed-source vendor components from other companies, such as Qualcomm.
The company usually publish the Android Security Bulletins during the first Monday of every month.
APVI will add another security layer
Google’s APVI was created to add another security layer for non-Pixel devices. On the other hand, as part of the company’s latest announcement, it also explained that some of the security flaws discovered are related to pre-installed apps on third-party devices.
(Photo : Photo by Justin Sullivan/Getty Images)
SAN FRANCISCO, CA – SEPTEMBER 29: The Google logo is displayed on the new Nexus 5X phone during a Google media event on September 29, 2015 in San Francisco, California. Google unveiled its 2015 smartphone lineup, the Nexus 5x and Nexus 6P, the new Chromecast and new Android 6.0 Marshmallow software features.
Previously, Google said that there’s a popular web browser, which is pre-installed on many devices, that could expose its users’ credentials, such as password information. The developer launched an update after the company reported the issue.
You can visit the new website to check APVI’s progress. Once you access it, you can see the newly identified security issues. Currently, Google already disclosed some problems that affected devices released by ZTE, Huawei, OPPO, and more.
This article is owned by TechTimes,
Written by: Giuliano de Leon.
ⓒ 2018 TECHTIMES.com All rights reserved. Do not reproduce without permission.