LG first started its security bulletin in June last year, and since then it has been posting monthly bulletins and rolls out security patches just like Google, Samsung, BlackBerry and other other manufacturers. Ringing in the New Year, LG is already out with its January security bulletin with details on all the patches it is serving its Android devices this month. Google is yet to announce its monthly security patch, and is expected do so in the following week.
The LG January security bulletin is up on the company’s product security website, and it contains a total of 81 patches. In its bulletin, LG notes that some of these fixes were important as they posed fairly serious risks to devices. One particularly critical bug involves potential leak of users’ data on MediaTek devices. Out of the 81 fixes, only 8 patches were aimed to solve vulnerabilities in its own software (LG calls them LVE vulnerabilities). The remaining 73 patches were all related to issues with the Google-owned Android software.
It’s important to note that only the security bulletin is up on the website listing what the January security patch entails, but the security patch itself has not been actually released. So users won’t be getting any push notifications about a security update just yet. However, now that the January bulletin is up, LG can be expected to roll it out soon. The update release should vary based on carrier and region.
Google, as mentioned, hasn’t announced its January security patch yet, and more details on the vulnerabilities will be revealed then. The LG security bulletin offers little info on the CVE (Android) vulnerabilities, but describes all the LVE vulnerabilities in its bulletin well.[“source-ndtv”]