Google’s Android Partner Vulnerability Initiative will Help Android OEMs Fix Security Issues

Oct. 3, 2020

In an attempt toprovide effective solutions to the security issues affecting Android OEMs, Google has launched the Android Partner Vulnerability Initiative (APVI). The initiative will strive to provide transparency on issues discovered by the company on non-Pixel phones.

In case you’re wondering,the APVI is different from the existing monthly Android Security Bulletins(ASB). ASBs are directly based on the Android Open Source Project (AOSP) code. On the other hand, APVI aims to solve issues impacting device code that Google doesn’t maintain.

“We didn’t have a clear way to process Google-discovered security issues outside of AOSP code that are unique to a much smaller set of specific Android OEMs.The APVI aims to close this gap, adding another layer of security for this targeted set of Android OEMs,” says the company.

In its blog post announcing APVI, Google has mentioned a few examples where the company identified security issues. These security threats include apps that bypassed permissions, leaked credentials, and had unnecessary permissions. In all such incidents, Google says it alerted OEMs and provided guidance to resolve them.

With APVI, we could expect Android OEMs to increase the pace at which they resolve critical security flaws. You can stay updated with new issues disclosed through APVI fromthis dedicated page. The page already has a few fixed and new issues across Huawei, Oppo, Vivo, ZTE, and Meizu devices.

Subin writes about consumer tech, software, and security. He secretly misses the headphone jack while pretending he’s better off with the wireless freedom.