According to a report by the consumer review company Which?, more than one billion Android devices are at risk as they are running Android versions that no longer receive security updates. Going by its update cycle, Google is now offering security updates only for devices running on Android 10, Android 9 Pie, and Android 8 Oreo.
Devices running Android 7 or older are no longer eligible for security updates and thus “will carry security risks,” as per the report. Last year, Google released the Android adoption data, where it revealed that around 40% of Android devices are still powered by Android 6 or older versions.
To further make the report credible, UK-based consumer watchdog bought several Android devices that are no longer receiving security updates due to the older Android version and successfully infected them with malware. The company managed to infect some of the devices with multiple malware demonstrating the grave security risks older Android devices are currently facing.
Which? said that it is the responsibility of OEMs to ensure that users are more aware of the time duration for which a smartphone will receive updates.
While Google releases Android security updates for 3 years for its Pixel devices and devices running on Android One, several manufacturers don’t offer updates for the same duration and they reach their end-of-support, sometimes, within a year or two.
Which? argues that Android should also receive updates for a longer period of time as other operating systems like Windows and iOS offer. For example, iOS 13 released in October 2019 supports iPhone SE which was launched in March 2016. Similarly, Windows 7 was released in 2009 and reached its end-of-support this year.