Skip to main content

Google will now disclose security issues in third-party devices

(Image credit: Shutterstock / Askobol)

Google has announced a new initiative that will look to manage and resolve security issues found to affect third-party Android devices and software produced by OEMs. 

The Android Partner Vulnerability Initiative (APVI) provides users of non-Pixel devices with an added layer of protection while boosting the security profile of the entire Android ecosystem. 

The new system will include popular Android devices from manufacturers such as ZTE, Xiaomi and Huawei, giving users more security information if any issues are detected.

Google security

Under the APVI, users will be informed when Google discovers security bugs for Android products not serviced by the firm internally.

According to the Google Security Blog, the APVI has already identified several security issues which have led to new user safeguards being put in place. These include protections against permission bypass vulnerabilities, overly-privileged apps and credential leaks. 

“All Android partners must adopt [Android Security Bulletin] changes in order to declare the current month’s Android security patch level (SPL),” the blog read. “But until recently, we didn’t have a clear way to process Google-discovered security issues outside of [Android Open Source Project] code that are unique to a much smaller set of specific Android OEMs. The APVI aims to close this gap, adding another layer of security for this targeted set of Android OEMs.”

As well as facilitating the faster resolution of security faults, the APVI will also provide Android users with a greater level of transparency regarding vulnerabilities. Previously, any faults affecting Android OEM devices were not disclosed publicly. 

Via BleepingComputer