
A horde of one billion Android devices is running on deprecated OS versions and may be vulnerable to dozens of disclosed vulnerabilities, including critical ones. They have been joined by flagships from 2020, with the Samsung S20 series at the forefront.
According to statcounter.com, more than a third (34.5%) of all Android devices worldwide are running version 11 or older, an OS that is deprecated and no longer receives security updates.
That means more than one billion devices in use are no longer supported by security updates. The latest Alphabet report found that Android powers over three billion devices worldwide.
Android 11, which is still running on 13.65% of Android devices, received its last security update over half a year ago, in February 2024.
The highly successful Samsung Galaxy S20 series, a popular flagship from 2020 with known sales of at least 28 million units, will soon become an easy target for cybercriminals. Most of these models will no longer receive security updates.
According to the end-of-life data aggregator endoflife.date, support for the Galaxy S20 Ultra, S20+, and S20 models ended five months ago, in March 2024. Support for the Samsung Galaxy S20 FE version drops in October 2024. The version of the Galaxy S20 FE that was re-released in 2022 is still supported.
Samsung is committed to delivering firmware security updates for at least four years for devices launched in 2019 and later, while select newer devices will receive up to five years of security updates.
However, Samsung still schedules Galaxy S20 series phones to receive further quarterly security updates. The last update for the S20 series phones was released in June, after the estimated end-of-life date.
Still, those phones have had a security patch since May and are already vulnerable to three months of security vulnerabilities disclosed and patched by Google. Some critical and high-severity vulnerabilities allow malicious actors to execute remote code, and there are indications of their exploitation in the wild.
Many budget Samsung phones from the A series, released four years ago (A51, A71, and other Ax1), are no longer listed to receive updates.
Samsung flagships from 2021, the S21 series, will reach end of life on January 29th, 2026, so the updates will continue for at least one year and five months. The S22 series gets an additional year, as its security updates end in February 2027.
August 2024 is the last month of updates for Google's Pixel 5a with 5G model. The Google Pixel 5 is also no longer maintained, as it reached its end of life in October 2023. The Pixel 6 and later Google devices will receive security updates until at least October 2026.
Xiaomi's highly successful 9 and Note 9 series from 2020 have already reached end-of-life and are no longer updated, according to the company's website.
Meanwhile, Apple still supports its iPhones down to the 6S Plus, released almost nine years ago, according to the endoflife.date website.
As a phone reaches its end-of-life, zero-days and other unpatched vulnerabilities accumulate over time, leaving the device increasingly susceptible to security threats.
Cybercriminals are quick to exploit known vulnerabilities. Therefore, even if the phone seems to be working fine, the user may be exposed to many malicious attacks, including sensitive data loss.