How important are Android security patches?

Once a month, Google updates the Android Security Bulletin and releases a new security patch for Pixel and Nexus phones. Other OEMs like Sony and Essential have been getting better at pushing these updates just as fast as Google does, but the likes of Samsung, LG, and others often keep users waiting and waiting for the latest patch.

These security-focused updates help to ensure your phone is as safe as can be from any potential bugs/issues, but how important are they really in day-to-day use?

One of our forum users recently popped this question, and these are a few of the responses they received.

It really depends. Technically if there is a vulnerability -- it is vulnerable. The chances of someone taking advantage of it on your particular device? Depends. I am one for security. When I was younger I didn't care as much and used whatever... now that I am older I am pretty much a direct from Google guy (current phone is a Google Pixel 2 XL) or Apple stuff. Those two stay the most up to...
Almeuit

I think because more and more of our lives are digital, security is more paramount than ever before. I think it should play a part in everyone's purchasing decisions with tech devices.
anon(10092459)

Nothing is safe if its not used safely. The first and most significant level of security is safe usage. Security updates are important but I don't think they should be relied on. Stay off the pron sites, P2P, bitorent, minimize downloads, dont stream video from just anywhere. Dont download apps you don't absolutely need and turn off permissions/notifications/background activity. Don't...
kramer5150

Security updates are like insurance... I sure as hell would love to never have to have to use it, but I'd rather have them and not need it then need it and not have it. All it takes is one nasty but of malware making the rounds and have some loser steal my credit card or bank info, etc. Makes for a really bad day.
LeoRex

What's your take on this? How important do you think security patches are?

Join the conversation in the forums!

Joe Maring was a Senior Editor for Android Central between 2017 and 2021. You can reach him on Twitter at @JoeMaring1.

23 Comments

Well, I'm using an HTC U11 that is still on December's security patch. I'm quite disappointed in HTC for lagging behind this bad. When I had my Pixel 2 XL is definitely enjoyed getting the latest updated and fixes. Just couldn't deal with the speaker rattles.
Why didn't you RMA the phone?
I guess it's important. I have so much info in my phone it's crazy. Contacts, banking, trading, personal notes, photos, emails, msgs. I want it all secured
My main phone is an "ancient" Sony Xperia Z3 that's forever stuck on Marshmallow and with a May 1, 2016 security patch level. The sky hasn't fallen... yet. 😀
So I guess a secondary question is, "how big of a deal is it if you're consistently a month or 2 behind on security patches?" That seems to be the case with Samsung (at least Verizon versions) but they were quick to patch serious issues like blueborne and krack. Are we really that much more at risk by being a month behind?
Unless there is a big security issue being behind isn't a big problem. My S8+ on AT&T is on the March security patch, Android 8.0, ans Samsung Experience 9.
My S8 Active on AT&T got the April 13th security patch on May 7th. Samsung/AT&T seem to be getting better about pushing out these security patches! Maybe not as fast as Google but it's a whole lot better than it use to be!!!
They're always important, but according to another Android Central article, this security update doesn't address any major issues and just tightens up the general security. I'm sure my S8+ will get it in time for the June update haha
It depends on your digital lifestyle. I'm sorta old school. I do very little financial stuff on my phone. I have a debit card I use for online purchases but it rarely has more than $100 on it and usually much less. I'm on the Feb 1st security patch and I'm not worried.
Yes. Keeping it simple is best for me too. I don't need the new way of doing things, if the old way isn't broken no more than new. I'm sure I can still take my hand, reach into my pocket, pull out my wallet, and get my card. The new way is more convenient, but no more difficult than the old way, if it is, and you can't reach your wallet, or purse, see a doctor, you're sick.
I'm using an unlocked Galaxy S8 and am on the March security patch. The updates are important to me and I wish Samsung sent them out faster. I do have some comfort knowing that Google Play Protect is a great line of defense and I only download apps from there. I also use an ad blocker with the my web browser and the phone comes with McAfee automatically installed.
I've still never heard of anyone getting their phone hacked?
Has it ever happened?
Buying a new phone seems to be far more risky than using an old one.
(Sent from my Oneplus 5)
To me OS and security updates are important. My phone is my personal assistant - work - personal - vacation etc. I agree with others - we are moving to where all items are now digital - banking - investments - receipts - itineraries - etc. ID theft is a real thing now days... So security I think is essential.
I agree with the sub-title and timely OS/Security updates are high priority when choosing a new device, so I stay with Google . . . currently P2xl.
Security updates are very important to me, as the other posters have said, we do most of our private information based stuff on these devices now. That's why I wish Google hardware was available in South Africa, I would get my self a Pixel.
Don't have stupid easy passwords. Only download from Google Play, Samsung store, or maybe Amazon. Most of the truly brutal android hacks require physical access to your phone. Sure, security patches matter. But... If you couldn't live without the patches or millions of people were getting hacked.. Then there never would be delays by manufacturers. Would I buy inferior hardware like the Google Pixel to get same month security patches? Hell no. What everyone (even the most irrational Android OS fan boys) can agree on is that the latest version of Android OS doesn't matter. Let's see... Android 8 oreo has managed an install of 5% now... And Android P is arriving in a couple of months? LMAO!
Actually having the latest version of Android DOES matter if you want the latest features. Oh and the Pixel's hardware isn't "inferior" the Pixel is my Ideal phone, it has the best version of Android IMO pure, clean and total Google with the perks if being first in line for updates and with Google the only one who can be trusted t deliver consistent monthly security patches and I don't care about expandable memory or wireless charging which nobody can give a valid reason why wireless charging is necessary. As long as it has enough RAM, a top of the line Qualcomm Snapdragon SOC and a great camera then I'm good and the Pixel 2 XL ticks all those boxes and then some.
I have an Alcatel A7 running Android 7.0 Nougat and that's still on the November 5th 2017 security patch.
I remember the old windows days, when updates came out for their latest, almost all the versions under it would get the update too(remember the Microsoft update center?). Microsoft didn't discriminate( until later in it's life). Nowadays, it's a money grab type system, if you don't have the latest, you're left behind, even if you're os is one version old. You either have to wait for the mfg's update(which may come much later, or never), or buy the latest "God" phone. Sigh.. I miss the old days, and ways. Google worries about fragmentation, but they only have theirselves to blame, with their rules on security patches.
The patches to me, are more important than any point release of android. Other than a couple cosmetic tweaks or enhancements, for what I use, anything from Lollipop is good enough. The security patches are what I want more than new versions. At least, hopefully, anything released from 8.0 onward, will receive quicker updates because of project Treble
How important is it that your house insurance is up to date? Do you leave the windows in your hose open when you leave?
I think it's more like did you arm the electric fence.
Did you release the hounds.
Phones appear to be incredibly secure. What was the last patch the closed an issue that had been proven to be a risk in the wild?
Just about every patch is for an issue that only exists if the 3rd party has the phone.
I agree that prudent owner usage is the best security you can have. Most phones are far from current with their security updates so being smart is the next best thing.

Show more comments

Get the Android Central Newsletter