Smartphones running on Android operating system have become susceptible to the latest issue.
In a significant move that affects millions of devices worldwide, Google has announced that it will no longer provide updates for Android 12, including security patches [1]. This decision leaves devices running Android 12, which account for over half of all active Android devices [2], vulnerable to potential cyber threats.
The latest version of Android, Android 15, introduces new requirements and features, but for Android 12 users, the lack of updates means that known vulnerabilities remain, which can be exploited by cybercriminals [3]. This creates a permanent and unpatchable vulnerability surface that cybercriminals actively target, increasing the likelihood of malware infections, ransomware attacks, privilege escalations, and data breaches [1][4].
The risks are not limited to individual users. For enterprises relying on device management, some management platforms, such as Microsoft Intune, are ending support for older Android management methods relevant to these devices [5]. This means that businesses using Android 12 devices may face security liabilities due to the lack of updates.
However, not everyone can or wants to afford a new smartphone immediately. For these users, technical solutions like Custom-ROMs, such as LineageOS, can be used [6]. Manufacturers like Huawei are now responsible for developing protective measures for their devices running Android 12, and some, like Huawei, have increasingly shifted to their own systems, such as HarmonyOS [7].
Experts recommend upgrading to a newer Android version, such as Android 13, 14, or Android 15, if possible [8]. If upgrading is not possible, users should take proactive measures to protect their devices. This includes avoiding installing apps from untrusted sources, using browsers and apps that still receive support on Android 12, enabling enhanced protection features in apps that offer them, and keeping all apps updated to their latest compatible versions [2].
For enterprise users, it is essential to migrate from deprecated management solutions, such as Android device administrator, to newer management frameworks recommended by vendors like Microsoft Intune, to maintain device security compliance [5].
Each new update for an operating system helps close security gaps in the system, making it crucial for users to upgrade to the latest version whenever possible. The continued use of Android 12 devices without updates poses increasing security risks, and the best solution is prompt upgrade. Where upgrading is delayed, users must proactively use security features, avoid risky behavior, and, for enterprises, switch to supported device management practices [1][2][5].
References:
- TechRadar
- Android Central
- CNET
- Forbes
- ZDNet
- XDA Developers
- TechCrunch
- Android Police
- In light of the unavailability of updates, Android 12 users may experience a heightened risk of cybersecurity threats due to persistent vulnerabilities, making it essential to adopt secure practices or consider upgrading to a newer version.
- The lack of updates for Android 12 devices brings a greater focus on data-and-cloud-computing security, urging businesses to migrate from deprecated management solutions and implement newer ones to maintain compliance, thus reducing potential loss of sensitive data.
