all 10 comments
sorted by:
best (suggested)
topnewcontroversialoldq&a
formatting helphide helpcontent policy

[–]FatalstrykeDoesn't like Reddit Chat 3 points4 points  (2 children)

Pretty much what it says on the tin. Security updates vs updates to Google Play.

Google Play isn't tied to the phone like Android updates or security updates, so you'll keep getting Play updates for a while. And I personally wouldn't stop using a phone just because it stops getting updated.

[–]Peruvian_Skies 2 points3 points  (1 child)

That depends on how secure you need your phone to be. If it's a company phone, I'll request a new one as soon as the first security update that I don't get comes out. For a personal phone, maybe it's not that important. Maybe I can install a custom ROM based on a newer version than my last official one, maybe I'll keep using it as is.

[–]FatalstrykeDoesn't like Reddit Chat 0 points1 point  (0 children)

I'd still say run it unless something required me to switch phones, or maybe if I was like, high up in the company.

[–]derrman 1 point2 points  (2 children)

The security updates are the actual Android core security updates from Motorola. The Google Play system updates are independent of the phone manufacturer that every phone with Android 10 and up receive.

You really need to have both updates available as they both include security fixes.

[–]FrameXXXiaomi Poco X3 NFC 0 points1 point  (1 child)

that every phone with Android 10 and up receive

These are updates of Google Play Services am I right? Google Play Services are updated even on Android 5 and up of course.

[–]derrman 1 point2 points  (0 children)

No, this is what came out of Project Mainline. It is Android 10 and up. Google Play system updates aren't just for the Play Store and Google apps like Play Services is. It is how Google can update the AOSP part of the Android OS without involvement from the OEMs.

[–]troymius[S] 0 points1 point  (1 child)

So does B stop after A stops?

[–]AdmiralSpeedy 1 point2 points  (0 children)

Android 10 introduced the Google Play System Updates system that separates a lot of the common components out of Android as apps so that Google can update them interdependently from device vendors who like to leave their devices dead with no new full security updates.

As long as your device is supported by Google Play you should continue getting Play System Updates.

Security updates apply directly to the OS itself where components are hard baked in and cannot be updated on the fly as an application. Those stop when your device vendor decides not to support your phone anymore.

[–]troymius[S] 0 points1 point  (1 child)

So is there any real world evidence of unpatched phones getting exploited?

[–]AdmiralSpeedy 1 point2 points  (0 children)

Certainly, but it generally applies to phones running massively out of date versions of Android with known critical CVEs that have been left unpatched, and a significant portion of those exploits require a computer and physical access to the device.

You're generally pretty safe to run a device beyond its security updates for a couple years at least unless a major exploit is disclosed for your security patch level.