You are using an older browser version. Please use a supported version for the best MSN experience.

FCC wants to know why mobile security patches take so long

Engadget Engadget 9/05/2016 Billy Steele
© Provided by Engadget

A number of critical security flaws have hit mobile devices in recent months, prompting device makers and service providers alike to issue timely patches to remedy the issue. Sometimes those fixes take a while to reach affected handsets, and the FCC wants to know more about the process. Today, the commission announced that it's looking into how updates are distributed when a security issue is discovered. As part of the inquiry, the FCC's Telecommunications Bureau head Job Wilkins asked both wireless carriers and 8 phone and tablet manufacturers to provide details on how problems that plague consumer devices get fixed.

In its announcement, the FCC cites the so-called Stagefright vulnerability that affected around a billion Android devices worldwide as an example. Google has released multiple patches to fix the security flaw, and those running a more recent version of the software with the latest updates are covered. However, there are a lot of aging Android devices in the wild running an older version of the OS, and some of those aren't privy to the patches needed to protect them against these issues. Of course, Apple's mobile gadgets running iOS face their own issues as well, but due to Stagefright's scope, it has garnered a ton of attention.

When updates are released from device makers, there's sometimes a holdup on the part of the wireless companies. This is why the next version of Android may hit the latest Samsung phone on AT&T before it does on Verizon, for example. For that reason, the FCC seeks details about the process from both sides, especially when it comes to critical security updates. The commission notes that while companies have addressed issues when they're discovered, there have been significant delays is the patches reaching the affected devices. And, perhaps more importantly, there are a number of phones and tablets that aren't receiving the fixes at all.

This isn't the first time government officials have looked into the recent rise in mobile security issues. Last month, Rep. Ted Lieu (D-CA) called for an investigation into the SS7 bug that allowed security researchers to track location and record phone conversations without his knowledge. That particular flaw was first revealed in late 2014.


More from Engadget

image beaconimage beaconimage beacon