British analysts Which? The Consumer Protection Authority has calculated how many Android devices in the world are no longer supported and do not receive security updates. According to researchers, there are more than a billion of them, that is, two out of five Android devices do not receive important security updates from Google, which exposes them to the risk of malware and other vulnerabilities.
According to last year’s Google statistics, 42.1% of active Android users worldwide use Android 6.0 and earlier OS versions: Marshmallow (2015), Lollipop (2014), KitKat (2013), Jellybean (2012), Ice Cream Sandwich ( 2011) and Gingerbread (2010). According to the official security bulletin, in 2019 no security patches were released for devices running versions below Android 7.0 (Nougat). Thus, in essence, only Android 10, as well as Android 9.0 (Pie) and Android 8.0 (Oreo) can be considered safe.
Researchers explain that the problem is compounded by sales of older devices by third parties on sites like Amazon. So, experts bought several phones, including Motorola X, Sony Xperia Z2 and Samsung Galaxy A5 2017, and found that they are subject to many long-discovered and fixed vulnerabilities, including Stagefright, Bluefrag and Jocker malware.
As a result, experts advise users of older devices to take precautions, for example, be careful when downloading applications, do not download applications from untrusted sources and do not forget about backing up data.
Also, according to the participants of the organization, it is necessary to provide greater transparency in matters of providing updates so that consumers can make informed purchase decisions and receive more detailed information on what to do next when security updates become unavailable.