Security News > 2020 > October > Google Announces Android Partner Vulnerability Initiative
Google on Friday announced the Android Partner Vulnerability Initiative, an effort aimed at improving patching of security issues specific to Android OEMs. Through the new initiative, the tech giant also expects to improve transparency around vulnerabilities identified by Google's own researchers, but which impact device models coming from the company's Android partners.
Google already provides security researchers with various programs through which they can report security issues, such as the Android Security Rewards Program, which is for reporting vulnerabilities in Android code, and the Google Play Security Rewards Program, for reporting bugs in popular third-party Android apps.
ASR reports that have a broad impact on Android-based devices are delivered to the Android Open Source Project base code, as part of the Android Security Bulletins, and all partners are required to adopt these security changes for their devices in order to be able to declare a specific month's Android security patch level.
"But until recently, we didn't have a clear way to process Google-discovered security issues outside of AOSP code that are unique to a much smaller set of specific Android OEMs. The APVI aims to close this gap, adding another layer of security for this targeted set of Android OEMs," Google explains.
All issues discovered within Google and which could potentially impact the security of an Android device are covered by the APVI. A variety of security bugs affecting code not maintained by Google are included here, the company says.
News URL
Related news
- Google Warns of Actively Exploited CVE-2024-43093 Vulnerability in Android System (source)
- Google patches actively exploited Android vulnerability (CVE-2024-43093) (source)
- Week in review: Zero-click flaw in Synology NAS devices, Google fixes exploited Android vulnerability (source)
- Google Blocks Unsafe Android App Sideloading in India for Improved Fraud Protection (source)
- Google brings better bricking to Androids, to curtail crims (source)
- How to enable Safe Browsing in Google Chrome on Android (source)
- Lazarus Group Exploits Google Chrome Vulnerability to Control Infected Devices (source)
- Google’s AI Tool Big Sleep Finds Zero-Day Vulnerability in SQLite Database Engine (source)
- Google fixes two Android zero-days used in targeted attacks (source)
- Google's mysterious 'search.app' links leave Android users concerned (source)