Google will now ship monthly patches only for actively exploited flaws and batch most others into quarterly releases. It also stopped releasing monthly security update source code, limiting custom ROMs to quarterly cycles and extending the private bulletin lead time from ~30 days to several months.
— This centralizes platform control, lengthens exposure for non‑exploited bugs, and reduces transparency for a global OS, reshaping security governance and open‑source participation.
msmash
2025.09.15
100% relevant
The September 2025 bulletin listed 119 vulnerabilities versus zero in July; monthly source code drops are discontinued and batched quarterly.
← Back to All Ideas