Google has been promising to fix the major failing of Android for far too long. That's of course the completely haphazard way Android phones get updates.
Recently we've had promises of new commitments to delivering from OEMs around security updates. Google says it will deliver them on a monthly basis, premium OEMs promise to get them on to devices quickly.
So how are they doing? Well I have two devices from premium Android OEMs and their current state is illuminating. My Xperia XZ has Android Nougat 7.0, however it's security firmware update is dated November 2016. Seriously out of date.
My Galaxy Tab S2 tablet is even worse though. This is rocking Android 6 Marshmallow. It's security update is from June 2016. Almost a year out of date.
Now I'm not talking about version upgrades and fragmentation here, we're talking security updates released to reduce the risk of exploitation of known vulnerabilities on these devices. That's an incredibly shoddy state of affairs and clearly shows Google's failure to make progress in getting devices up to date.
As I mentioned last week, when we were all finding out just how easy it is to exploit out of date operating systems, Android is a potential big money earner for hackers who can exploit a weakness.
In fact, now that Android is the biggest platform on the global stage, I'd say its entirely likely that thise hackers will be making Android the main focus of future exploit development.