Samsung, LG and Google to fix Android flaws in 'biggest update ever'

SANTA CLARA (Web Desk) - Samsung, LG and Google have pledged to provide monthly security updates for smartphones running the Android operating system, the BBC reported.

In July, a major bug was discovered in the software that could let hijackers access data on up to a billion phones.

Manufacturers have been slow to roll out a fix because many variations of Android are widely used.

One Android expert said it was "about time" phone makers issued security fixes more quickly.

Android has been working to patch a vulnerability, known as Stagefright, which could let hackers access a phone's data simply by sending somebody a video message.

"My guess is that this is the single largest software update the world has ever seen," said Adrian Ludwig, Android's lead engineer for security, at hacking conference Black Hat.

LG, Samsung and Google have all said a number of their handsets will get the fix, with further updates every month.

Android is an open source operating system, with the software freely available for phone manufacturers to modify and use on their handsets.

The Google-led project does provide security fixes for the software, but phone manufacturers are responsible for sending the updates to their devices.

Some phones running old versions of Android are no longer updated by the manufacturer. Many companies also deploy customised versions of Android which take time to rebuild with the security changes.

Apple and BlackBerry can patch security problems more quickly because they develop both the software and the hardware for their devices.

BlackBerry's software is reviewed by mobile networks before being sent to handsets, while Apple can push updates to its phones whenever it wants.

"The very nature of Android is that manufacturers add their own software on top, so there have been delays in software roll-outs," said Jack Parsons, editor of Android Magazine.

"In the US it's even worse because mobile carriers often add their own software too, adding another layer of bureaucracy holding up security fixes.

"There's no real villain here, that's just how the system works. But there will always be security concerns with software, so it's right that some of the manufacturers are stepping up to deal with this now."