Outdated software is a goldmine for hackers. The WannaCry ransomware attack of 2017 that hit 230,000 computers and caused an estimated $4 billion in losses globally is a perfect example of the threat posed by outdated operating systems.
While the attack was targeted on vulnerable Windows computers, the threat remains real even for mobile operating systems.
Mobile has gone mainstream with data traffic expected to increase to 77 exabytes per month.
Now, there are
- 3.5 Billion smartphone user worldwide
- Mobile accounts for 52.6% of the global web traffic
- ⅔ rd internet users have shopping apps on their mobile
- Every day on an average 2.55 hours is the time spent by a US adult on their smartphones
But still, 99.2% of US government Android users are running outdated OS versions.
In fact, still, 40% of the Android smartphones worldwide run on Android 7.1 (Nougat) or lower.
And around 19% of Apple iPhones do not have the iOS 13 installed and Apple has now released iOS 14 as well.
Also read – One Plus 9 Pro vs Vivo X60 Pro Plus
Security Threats to Smartphone using Outdated OS
The outdated OS and lapsed security update can expose your smartphone to various threats-
| Application-based threats like | Malware, Spyware, Privacy breaches, access to sensitive information and perform undesirable actions without your knowledge |
| Web-based threats like | Automatically downloading of applications and taking advantage of browser vulnerabilities to install malware or perform other actions. |
| Network threats like | Using OS or network flaws to install malware or spyware and Wifi sniffing to intercept data. |
Steps to Check the OS Version on the Smartphone
Follow the below steps to know the OS version currently running on your smartphone.
Step 1 – On the home screen select the “Settings” tab.
Step 2 – Scroll down to the bottom where you will find the option “About device”. In “About”, you can find the latest OS on your smartphone.
Understand What is Operating System (OS) Update and What Does it Do
Operating system allows your mobile to run applications and programs.
The OS starts when the mobile is powered on and is responsible for presenting a screen containing icons for application access. The OS also manages memory resources and cellular networks.
The two most common OS used in smartphones is Android by Google and iOS by Apple.
The bugs in the OS can cause your mobile software to behave incorrectly. For example, if you type 001.400 x 02.6000 into the calculator app that gives you an answer of 2.64. Then, it is a clear indication that something is wrong.
Maybe the extra zeros are causing the software to behave wrong. The bug needs to be fixed and an OS update needs to be done.
The bug fixing is a long process, shown below
OS updates fix software or hardware problems that did not get detected before the product was released to the public.
Through an update, you get an improved, or fixed software having up-to-date system utilities, drivers and security features.
If you do not update your smartphone the older OS can create conflicts with newer apps or may cause problems loading or running newer utilities and other programs.
OS updates are provided by the software publisher free of cost. But receiving OS updates can be in phases. More on that in the next section.
Check out – Asus ROG 5 Review
Understand What is a Security Update and What It Does
There is another category of bug which grants unauthorized access to private data or mobile core settings in turn impacting the security of the software and of the device.
For example, a bug may grant you an access even if you enter the correct user name but leave the password blank. This is a simple example but in reality, the security bugs are much more complicated and may be due to unintended programming error.
The security bugs can be exploited by third-party apps to gain access to your private call records, photos and sensitive information which they shouldn’t have.
An OS security update is meant to improve device, data and information security while fixing bugs. You might not notice an additional thing happening to your mobile after running a security update.
In the next section, I am going to present Google’s stand regarding the Android OS and security updates.
I have chosen Android because it was the most preferred OS in the last few years and still commands over 85% share of the global smartphone shipments by the operating system.
That’s because Android is an open platform that gives developers the freedom to tinker and customize the core system files to make the OS unique. And that is why Android is used by most smartphone manufacturers across the world.
An open-source code means the smartphone company or for that sake, anyone can modify the settings to adjust them accordingly.
Google Android also allows apps from developers to run, which makes the smartphone’s security system fragile and prone to malware.
Also read – best power bank in India
Google’s Stand on Android OS Updates
Below is the snapshot from support.google.com for its flagship Pixel series of smartphones.
NO doubt, from point 4 it is clear that the latest Pixel smartphones are the first ones to get the Android OS updates.
Point 5 says the Android version updates are available for at least 3 years from when the device first became available on the Google Store for purchase.
Mind it, the OS update period is not from the date you purchased….
But from the date when the mobile was made available on Google store….
And the irony is – point 3 from Google that makes it crystal clear – after the lapse of 3 year period Google can’t guarantee any further updates or support from its side.
So, if you are having a Pixel 2 smartphone released in 2017 then you are already out of luck.
Whereas, Pixel 3 & 3XL will receive support for the next 6 months only till October 2021.
What is even heartbreaking is at point 1 – that your OS update schedule varies by device, manufacturer and mobile carrier.
Literally, that means – the newer your smartphone is, the sooner you’ll receive an OS update. Google’s Pixel smartphones get them first.
The OS updates are then released to the manufacturers like Samsung, Redmi, Vivo, Oppo and others. They take their sweet time to tinker and fix so as to make the OS get easily loaded on your handset.
In short, you receive OS updates with delays – in phases and limited to certain handsets only. The statement is confirmed by point 2 highlighted above.
I have searched & checked the software and security update policy for various smartphone manufacturers. Only to reveal a few more bad news…
Samsung and Nokia are the only two brands with a well-documented OS update policy. You are able to find the model-wise minimum update support period. You can click to see the security update details for Samsung & Nokia.
Xiaomi uses an MIUI (Me You I)over Android software. Developed by Xiaomi engineers, MIUI is a heavily modified Android ROM customized for Xiaomi Redmi & Mi smartphones. Xiaomi security updates happen in patches, the delivery of which depends on the regions and models.
Huawei lists the devices that are receiving Android security updates but is silent on the Android OS update policy.
Oppo, Lenovo, Vivo and OnePlus also list out devices that will be receiving updates. LG after closing the mobile business has offered to provide software updates for a period of time that may vary by region which seems doubtful.
Overall what I see is that the mobile manufacturers have lower disclosure on the OS and security updates with no proper schedule and variance by models and regions.
Below is the tabulated information on OS updates and security patch support offered by the brands. The support is only on the selected models.
| Brand | Period of OS update | Period of Security Patch support |
| Samsung | 4 years | 4 years |
| 3 years | 3 years | |
| Nokia | 2 years | 3 years |
| One Plus | 2 years | 3 years |
| Xiaomi | 2 years | 2 years |
In comparison to which Apple offers iOS and security updates for 5 or more years. You even have access to service and parts after an expired warranty for an additional two years.
What Does that Means for Consumers
To get the best smartphone utility you need to have a mobile with the latest OS.
Buying an Android smartphone near to its global release date will ensure that you get the maximum OS & security update period. But the purchase price can burn your pockets.
Every year Google releases a new Android upgrade the latest being Android 11. Upgrading the older versions is a costly affair for Google and smartphone manufacturers. They want you to purchase a new smartphone after every three to four years.
Or the smartphone manufacturers should provide a longer support period for OS & security updates. Something that Apple does.
But if you still want to use a smartphone with an expired update period then better check the following section.
Things You Can Do After the OS Update Period is Over
#1. You Need to Remove All Sensitive Data
You need to remove your banking apps, stock trading apps, all the past banking transaction-related data, personal information and private stuff.
If your smartphone has a microSD card slot then you can buy a microSD card and or connect your smartphone to a desktop or laptop to transfer data.
The best is to avoid using the mobile for carrying out any online purchase, payment or banking-related transactions.
#2. Stop Browsing & Downloading From Risky Websites
Hackers take advantage of the bugs and vulnerabilities present in web technologies like ActiveX, HTML, and Java in order to breach the browser’s security.
The attacker forces the browser to run malicious code that delivers malware and infects easily any smartphone that is running on an outdated OS. The same thing happens when you download files or an application to your mobile phones.
Using Facebook, Twitter or Youtube should be fine. But you should avoid downloading any file or clicking any link.
In short,
- Stop visiting torrent, unsecured websites showing HTTP
- Do not download files from unknown websites
- Avoid open Wifi network
- Keep away from unknown/ suspicious websites which may push apps to your phone without your knowledge.
Check out – best smartphone under 20000 for gaming in India
#3. Use Reliable Antivirus Apps
Antivirus apps like Bitdefender mobile security, Avast, AVG Antivirus or others will help you run a regular scan to avoid virus attacks.
Install a trusted antivirus app before you have run out of an OS update period. This will ensure that you get a level of protection from any kind of attack while using an outdated OS.
#4. Avoid Downloading or Updating Apps
Apps ask for permission to access certain information on the first download. But are you aware that the same app asks for “Access to information & call” even while you are updating the app. This may seem ridiculous but happens.
With an exhausted OS update, downloading an app or updating an existing one can be a risk. The Android package (APK) may contain malware inside it.
#5. Make Alternate Use of Your Smartphone
You can use your old smartphone –
- As a baby monitor
- Digital Photo frame
- Freestanding surveillance camera
- Desk Calendar,
- As an Alarm Clock
- Or as a smart remote control
- As a video recording or conferencing station
Conclusion
Since we spend most of our time online through our smartphone, it is very much important to update our smartphone’s operating system as well as update the security patches provided by smartphone manufacturers from time to time.
If your smartphone manufacturer has stopped providing updates to your smartphone, the best thing is to get a new smartphone.
If you don’t want to change the phone, install a reliable antivirus such as Quick Heal, Kaspersky, ESET and follow the steps provided in the previous section to save your data as well as important details from being hacked.
