Android合作伙伴脆弱性倡议列出了谷歌发现的OEM安全问题
Android Partner Vulnerability Initiative lists OEM security issues that Google discovered

Android Partner Vulnerability Initiative lists OEM security issues that Google discovered

Android合作伙伴脆弱性倡议列出了谷歌发现的OEM安全问题

安卓生产商每月都会发布安全补丁,以保护设备免受最新问题的影响。通过Android伙伴脆弱性倡议,谷歌现在将详细说明它在伙伴设备上发现的问题。

安卓保安公司(Android Security & amp)和隐私团队希望通过这个项目“推动补救措施,为用户提供透明度” 。以前"在AOSP代码之外,没有明确的办法处理谷歌发现的安全问题,而AOSP代码是少数特定Android OEMs所独有的" 。

这些漏洞存在于设备代码中,谷歌并不负责有别于Android安全公告,但“可能会影响Android设备或其用户的安全态势” 。

谷歌在宣布反车辆地雷影响指数时,详细说明了它发现的一些弱点,此后合作伙伴处理了以下问题:

在这些情况下,谷歌使OEMs意识到了这一问题,并就如何解决或接触应用开发人员提供了指导。

Android伙伴脆弱性倡议清单可在此查阅。它加入了Android安全奖励方案和Google Play安全奖励方案。

Every month, Android manufacturers release security patches to protect devices from the latest issues. With the Android Partner Vulnerability Initiative (AVPI), Google will now detail problems it has discovered on partner devices.

With this program, the Android Security & Privacy team wants to "drive remediation and provide transparency to users." There was previously no "clear way to process Google-discovered security issues outside of AOSP code that are unique to a much smaller set of specific Android OEMs."

These vulnerabilities are in device code that Google is not responsible for differing from Android Security Bulletins, but "could potentially affect the security posture of an Android device or its user."

In announcing AVPI, Google detailed some of the vulnerabilities it has discovered and partners have since addressed:

In these cases, Google made OEMs aware of the issue and provided guidance on how to address, or reached out to the app developer.

The Android Partner Vulnerability Initiative list is available here. It joins the Android Security Rewards Program and the Google Play Security Rewards Program.

Every month, Android manufacturers release security patches to protect devices from the latest issues. With the Android Partner Vulnerability Initiative (AVPI), Google will now detail problems it has discovered on partner devices.

安卓生产商每月都会发布安全补丁,以保护设备免受最新问题的影响。通过Android伙伴脆弱性倡议,谷歌现在将详细说明它在伙伴设备上发现的问题。

With this program, the Android Security & Privacy team wants to "drive remediation and provide transparency to users." There was previously no "clear way to process Google-discovered security issues outside of AOSP code that are unique to a much smaller set of specific Android OEMs."

安卓保安公司(Android Security & amp)和隐私团队希望通过这个项目“推动补救措施,为用户提供透明度” 。以前"在AOSP代码之外,没有明确的办法处理谷歌发现的安全问题,而AOSP代码是少数特定Android OEMs所独有的" 。

These vulnerabilities are in device code that Google is not responsible for differing from Android Security Bulletins, but "could potentially affect the security posture of an Android device or its user."

这些漏洞存在于设备代码中,谷歌并不负责有别于Android安全公告,但“可能会影响Android设备或其用户的安全态势” 。

In announcing AVPI, Google detailed some of the vulnerabilities it has discovered and partners have since addressed:

谷歌在宣布反车辆地雷影响指数时,详细说明了它发现的一些弱点,此后合作伙伴处理了以下问题:

In these cases, Google made OEMs aware of the issue and provided guidance on how to address, or reached out to the app developer.

在这些情况下,谷歌使OEMs意识到了这一问题,并就如何解决或接触应用开发人员提供了指导。

The Android Partner Vulnerability Initiative list is available here. It joins the Android Security Rewards Program and the Google Play Security Rewards Program.

Android伙伴脆弱性倡议清单可在此查阅。它加入了Android安全奖励方案和Google Play安全奖励方案。