Sorry, your Motorola Android isn’t going to get monthly security updates

Graham Cluley

Cluley 250 thumb

Well, this sucks if you’ve spent good money on a Motorola smartphone.

The firm has confirmed to Ars Technica that it isn’t going to commit to monthly security updates, even though Google will have released patches for the Android operating system.

Here’s what they told Ron Amadeo at Ars Technica:

“Motorola understands that keeping phones up to date with Android security patches is important to our customers. We strive to push security patches as quickly as possible. However, because of the amount of testing and approvals that are necessary to deploy them, it’s difficult to do this on a monthly basis for all our devices. It is often most efficient for us to bundle security updates in a scheduled Maintenance Release (MR) or OS upgrade.”

I guess people who care about security will be buying an Android smartphone from a company that does care about keeping them up-to-date with security patches – like Google or Samsung.

Or maybe they’ll just buy an iPhone. But certainly not a phone made by Motorola.

Graham Cluley Graham Cluley is a veteran of the anti-virus industry having worked for a number of security companies since the early 1990s when he wrote the first ever version of Dr Solomon's Anti-Virus Toolkit for Windows. Now an independent security analyst, he regularly makes media appearances and is an international public speaker on the topic of computer security, hackers, and online privacy. Follow him on Twitter at @gcluley, or drop him an email.

3 Replies to “Sorry, your Motorola Android isn’t going to get monthly security updates”

  1. So the choice is: (1) an expensive iPhone, (2) an expensive Nexus or (3) a Samsung with loads of bloatware on it.

    As somebody comments on that Ars Technica article, how does Samsung manage to update its phones frequently when there is so much bloatware on them?

  2. At least all the Motorola updates I have had have worked, unlike Samsung, which have cause problems.

  3. They are not the only ones to go back on their words. HTC also backed out after a few months. They said it was "impractical" to do monthly updates. My m9 came with 5.0 lollipop, then was updated to 5.0.1 & 5.1 fairly quick, then a delayed update to 6.0 marshmallow. But now, I don't think I'll see another til next year, when I get the final update to Android 7.0 Nougat. So, once again, we all are left vulnerable for months on end, because, there are over one hundred vulns patched in Nexus since 6.0 and doubtful Android 7.0 will be completely patched when finally deliver.

    For OEMs, most customers either don't know, or don't care, so they will continue the bad behavior. My next phone will definitely be a Nexus, but because I like HTC, the change won't be a big deal, as they are making the best two devices for Google.

    There is a huge opportunity for someone to start a company that roots and installs new ROMs like Cyanogen Mod, which receive updates far better than the big OEMs. A few companies do this already, but they are located in countries that don't inspire the confidence that a western one would. But, the prices are reasonable.

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Never miss a thing. Sign up for the free GCHQ newsletter from Graham Cluley.
GET UPDATES