Google Explains Why WebView Vulnerability Will Go Unpatched On Android 4.3 579
MojoKid writes If you're running Android 4.3 or earlier, you're pretty much out of luck when it comes to a baked-in defense against a WebView vulnerability that was discovered earlier this month by security analyst Tod Beardsley. The vulnerability leaves millions of users open to attack from hackers that choose to exploit the security hole. WebView is a core component of the Android operating system that renders web pages. The good news is that the version of WebView included in Android 4.4 KitKat and Android 5.0 Lollipop is based on Chromium and is not affected by the vulnerability. The bad news is that those running Android 4.3 and earlier are wide open, which means that 60 percent of Android users (or nearly one billion customers) are affected. What's most interesting is that Google has no trouble tossing grenades at the feet of Microsoft and Apple courtesy of its Project Zero program, but doesn't seem to have the resources to fix a vulnerability that affects a substantial portion of the Android user base.
The solution is obvious (Score:5, Insightful)
Clearly Google has decided that the solution for this problem is to update Android. This is not an unreasonable solution. The problem is fixed, and how you get the fix is well documented.
The problem is when your carrier prevents you from upgrading. Blame for this issue lies soley at the feet of Verizon, At&T, Sprint, T-Mobile, etc.
Re:The solution is obvious (Score:5, Informative)
Re:The solution is obvious (Score:5, Informative)
The webview control is also used internally by many apps, so you can't really avoid it. Google is pulling an "XP" here, except they're abandoning software that hasn't even been in the market for two full years.
Re: (Score:2)
The timeframes for Android are not of the same scale as those for Windows. Don't confuse them and then complain.
Re: (Score:3)
Bullshit.
Google are a highly effective propaganda company.
But, as providers of a platform for developers, they are absolutely horrible. Writing software for their "platform" is like building a house on quicksand.
They make me look back on the time spent developing for Microsofts products with fondness.
Re:The solution is obvious (Score:5, Informative)
Except that the hardware requirements for Android have advanced for each new release. Specifically, phones with 512MB of RAM or less cannot be upgraded to Jelly Bean.
Re:The solution is obvious (Score:4, Funny)
But 512 megs should be enough for ANYBODY...
Re: (Score:3)
That seems like a strange limitation. I have an old Galaxy S with 394MB of RAM and it runs KitKat via Cyanogen really well. It's quite smooth and usable, more so than it ever was in fact.
Re: (Score:3)
I've got an HTC ONE-S, that was not dirty cheap at all, and I love it: small, lightweight, nice screen, fast. But, shortly after having bought it HTC went back on their promise to udate it at least one mayor version. So now I'm fucked.
I have three choices: 1) stop using a perfectly good phone that I like, but is basically a portable danger until I to get my data stlen by some russian mofo 2) throw away a perfectly good phone 3) sue HTC for selling an unsafe device, and spend all my money for a very dubious
Re: (Score:3, Informative)
Google has stopped patching Android 4.3 and lower. Instead they want you to upgrade the OS, and they don't give a rat's ass whether that is actually possible. How is that not worse than pulling an XP, considering that Android 4.3 was the latest version just seven months ago?
Re: (Score:3)
No, it's your hardware provider that is your problem, not Google.
Wrong. It's not up to Samsung what's installed on my Galaxy S4.
The "updates" are FREE, there's zero reason not to be on the current release.
Wrong. If my wireless provider doesn't release an update, I'm shit out of luck unless I want to root my phone, which voids my warranty and can negate my service contract. It'd also piss off my employer, as they're the ones supplying the phone and service and we have a contractual obligation with them NOT to root the phone.
Contact your hardware provider and bitch to them, not Google.
Again, the hardware provider isn't the one who controls this situation.
Re:The solution is obvious (Score:5, Insightful)
Well, unlike the wireless phone companies, there where no vendors for the PCs that insist on putting their hands on the OS to customize the Android experience (mostly to detrimental effect, in my experience). So yes, Verizon, T-Mobile are on the hook for this one.
My plain vanilla Nexus 4 is still running fine with the latest and greatest, well latest, OS from Google. It is just staring to take some performance hits as compared to when it first came out.
Re:The solution is obvious (Score:4, Insightful)
This is a bad example. You don't get all your drivers from the OS vendor. Google publishes the OS images to the public. The problem is that you can't use them if your hardware vendor has not yet made their drivers compatible with the new version of the OS.
Microsoft doesn't package every driver from every hardware vendor with it's OS. IF your hardware vendor doesn't provide a driver for Windows then that's not Microsoft's fault.
Furthermore, if you really want updates ASAP, you can get a Nexus phone and be the first to receive them directly from Google.
Re: (Score:3, Informative)
It's a valid example: a smartphone is just a shrunk down PC/laptop.
True, but we do get OS updates from only one vendor: the OS vendor. If there's a driver bug or hardware bug, we get the driver update from the hardware vendor. This is not a hardware/hardware driver bug, so the update must come from the OS vendor, google.
Re: (Score:3, Interesting)
" a smartphone is just a shrunk down PC/laptop."
No. It isn't. Seriously. PC/Laptop CPUs are all either x86 or i64 (mostly i64) compatible and standardized. The various modified ARM versions in mobiles are not. ARM tech is licensed and various core manufacturers make their own changes - but also, there are ARM4, ARM5, ARM6, ARM7, and ARM8 based CPUs out there with incompatible binaries. MS and Apple just compile once and go (Though Apple compiles for A5, etc for tablets and MS compiles for 32 bit and
Re:The solution is obvious (Score:5, Insightful)
Download the Android source from the official site for free: https://source.android.com/sou... [android.com]
You might be thinking of the Play store and other Google apps, which as you say are not free. You can download and install them for free as a user, but if you want to ship them pre-installed on a device then there are licence agreements. Nothing in those agreements about having to launch a flagship phone or nonsense like that... Android is winning because it is available on everything from low cost low end devices to the very top tier hardware.
As for the costs, Cyanogen seems to prove that they can be pretty low. They support a lot of devices with very little funding to do so, partly because they are open source and rely on volunteers. Some companies pay them for support, which seems like a reasonable way to do long term updates.
You should never buy a phone from a carrier. Always get it unbranded and unlocked.
Re: (Score:3)
AOSP is Android. You can something like Cyanogen or any number of AOSP based distros with no Google software at all and have a fully functional phone. The Android OS is free.
You are confusing the OS with the Google apps like Gmail and the Play store. If you don't want them, there are open source alternatives available. Cyanogen doesn't ship with any Google apps by default, you have to download and install them yourself manually.
Re: (Score:3)
Yeah, that can't be right.
A WebView can be used in pretty much any app. It may or may not be vulnerable, depending on whether certain features of the WebView are used, but a WebView has the potential to be the core of a complete (vulnerable) browser in any app.
More info on this matter here: https://community.rapid7.com/c... [rapid7.com]
My guess (or hope, maybe) is that Google is responding the way they are to strongarm the handset manufacturers into (allowing) properly updating Android on their older products. A sort of
Re:The solution is obvious (Score:5, Informative)
No, they just don't give a shit like any other massive software company. My 1 year old Post-Google Moto phone will never see an official 4.4/5.0 release. Clearly they just can't be fucked to try.
Re: (Score:3)
how is apple able to upgrade their phones for like 5 years and Scamsung, LG and HTC cannot?
Re:The solution is obvious (Score:5, Insightful)
Re:The solution is obvious (Score:5, Insightful)
Apple is comparatively disciplined, releasing about one new phone a year, and hardware and software are under their full control.
Together, the others release dozens, and different companies share different responsibilities. Nice for consumer choice, but not so nice for support, since nobody wants to maintain a software stack nor wrestle with the politics involved in updating so many different devices.
Re:The solution is obvious (Score:5, Interesting)
You're off by an order of magnitude.
Samsung, in 2014, released about 3 smartphones per week. Yes, they have over 150 smartphones released in 2014. Tablet wise, I think it was over 1 tablet a week (it was over 50 around October).
It seems a lot of Android manufacturers see Android more as a "fire and forget" style of releases - just get a version of Android, stick it on, sell it, move on.
I mean, supporting 200 brand new Android devices (ignoring 2013 releases and prior) ...
Re: (Score:3)
It's not 150 smartphones a year, it's 150 distinct models. Often the only difference between models is the default language, or some minor variation in the case (far eastern models usually have a place to attach a strap, western models don't but otherwise the hardware is identical). Often it's just a different modem driver to support different regions LTE, that kind of thing. The core software is the same, and sure enough when they do release updates they tend to be for all models in a family at once.
Re:The solution is obvious (Score:5, Insightful)
Re: (Score:2, Insightful)
Perhaps you really do get what you pay for.
Re: (Score:3)
Apple abandoned the original iPad in under 2.5 years.
It's not like they don't do it either.
Companies expect you to buy the new hotness all the time, and stop expending resources on older platforms.
Because, after all, they only give a shit about you for as long as it takes to get your money. And then you're just someone who doesn't matter to them.
Re:The solution is obvious (Score:5, Informative)
But on the other hand, Apple released a security patch for the iPhone 3GS - released in 2009 -- last February.
The iPad 2 released mid-2011 can still run the latest OS.
Re:The solution is obvious (Score:5, Informative)
2.5 years is pretty good compared with many Android devices. My wife and I have owned 4 Android devices between us, and none of them received updates even 2 years after their initial release date.
Also I suspect you picked on the first iPad because it was the worst. I can't recall any mainstream Apple product that was supported for less time. Many of them are supported for 4 years or more.
Re: (Score:3)
Obvious troll is obvious. Grind your axe somewhere else.
Re: (Score:3, Insightful)
Re: (Score:3)
Re: (Score:3, Insightful)
That's fucking comical. Google knows very well what the situation with the carriers and OEMs is, they are just as culpable in this mess. If Microsoft or Apple pulled some shit like this the tech blog sphere would implode from the density of the rage. All is forgiven for Glorious Google-sama however!
Re: (Score:2)
It's not just carriers. It's also manufacturers. I Europe it's common to buy phones off contract but they are not upgraded either.
So the manufactures are also to blame. And I offend think that it's the manufactures fault. And not the carrier. For why else would they not make the updates for the rest of the world?
Re: (Score:2)
The difference is, unlocked/no-contract phones can have their OS upgraded. Under-contract phones in the USA can only be upgraded if the carrier allows it.
So in Europe it's possible, and in the USA it is not.
Re:The solution is obvious (Score:5, Informative)
Android 4.3 was released July 24, 2013
Re:The solution is obvious (Score:5, Insightful)
I disagree. Microsoft not supporting XP and Google not supporting 4.3 are two completely different things. 4.3, despite being two major versions ago was released less than two years ago. If Microsoft or Apple stopped supporting an OS version after less than two years, there would hell to pay. Why does Google get a pass just because they have a fast versioning scheme?
Re:The solution is obvious (Score:4, Interesting)
Largely because everyone with a clue knows that 99.999% of devices still running Android 4.3.x which haven't been upgraded to 4.4.x have approximately 0.00000 probability of being updated to 4.3.(x+1) even if Google were to make a patch available.
Whether they "support" 4.3 for two days, two years or two decades at this point is largely irrelevant. If you have no means to get a patch to the people affected by the problem and you're going to get criticized irrespective of whether or not you try, then why waste the resources?
And it's pretty darn obvious from what Google's been doing in the last few years that this is not a situation that Google is happy with, nor is it a situation they could reasonably do much more about.
Re: (Score:3)
And so could the handset manufacturers.
This is going to be so big, the lawyers wont bother laughing all the way to the bank - the banks will come to them.
Re:The solution is obvious (Score:5, Interesting)
Exactly. I wouldn't blame Google for this, the problem lies with the carriers not upgrading their fleet of phones. Android is now 3 major version releases past 4.3. Would you really expect Microsoft to continue to support Windows XP anymore? They don't, unless business is willing to shell out big bucks for added support.
Carriers should really be to blame.
Two key differences. First, XP came out in 2001. Second, XP support ended last year. But to be fair, I'd be happy if Google would support their OS for even half that long. So, where is that support for Android 1.1?
Realistically, support should last at least as long as the longest contract in the countries their product is used in. If you went with the standard of a 3-year contract (I think there are 4-year contracts, but I'm certain my carrier has 3-year contracts), that would still leave the later releases of Ice Cream Sandwich (4.0) under support. Face it, their Android OS support is abysmal.
Re: (Score:3)
Re:The solution is obvious (Score:5, Interesting)
It would be a major improvement if Android products were supported for even 2 year contract periods.
Google should require manufacturers to provide all Android updates for 2 years minimum and 2 minor versions minimum, and security updates for those minor versions for 4 years minimum.
Re: (Score:3, Insightful)
Why wouldn't you blame Google for this? Google explicitly said they are not updating the code. Since the carriers depend on Google to provide the code, how are they not culpable?
And the "oh, 5 million lines of code, I don't know where to look" is damned weak sauce. Debian back ports security patches all the time.
Re:The solution is obvious (Score:5, Interesting)
Apple released a security patch for iOS 6 when that SSL vulnerability was found. It was a deprecated OS running on a MINORITY of Apple phones and they issued an update anyway. (http://support.apple.com/en-ca/HT202920)
Why are so many people excited to give Google a pass over this? Support your customers or don't, but be up front about how long they're going to get to see updates. If you're going to drop security support after 18 months, at least let everyone know so they can make an informed decision.
Re: (Score:3)
You're talking like Google's a minority player in this deal. Google's the big dog here. Google dictates terms, and this one isn't so onerous. They patch the OS and they send the patch to a bunch of handset makers. They integrate the patch and push the update. This isn't a fundamental system overhaul, it's a bug fix. Unless the phones are incapable of receiving an update at all, they should be able to get this no problem. If there are costs, Google can offer to defray them. This is about building a brand and
Re: (Score:3)
They're not "responsible" for updating the OS on their customers' phones. The customer can update the OS... IF the carrier will let them. OS changes are locked out on most under-contract Android phones.
Re: (Score:3)
You could shorten that to "Buy unlocked". I am not aware of any major carrier in the USA that does not lock down their Android phones. There is no incentive to fix bad behavior when everyone else is doing it as well. See: car sales.
Re: (Score:2)
How do you figure?
Re:The solution is obvious (Score:4, Informative)
Google created the rules of the AOSP and the OHA. they could have set a rule about phone upgrades, but decided they would get faster market share growth if they let that one slide. now they are paying the price. actually, the users are paying the price, google still has its market share so they feel good about it.
Re:The solution is obvious (Score:5, Insightful)
So because Google didn't specifically forbid something, and the carriers went ahead and did it not because it was a good idea, but because fuck the customer, that's Google's fault? If I don't specifically tell someone to look both ways before crossing the street, is it my fault when they don't and get hit by a bus?
The carriers are the bad actors here. Google had a bug in their product, and they have fixed it. The carriers are the ones not allowing their customers to install the fixed version.
Re: (Score:3, Informative)
Re: (Score:3)
Google phone, made by Google, sold by Google. (Score:3)
Sure it uses some internal components made by other companies, so does the iPhone, so does every consumer product. That's not an excuse to stop supporting a product made by your company.
Re: (Score:3)
then why would google let someone into the OHA if they're not willing to patch critical vulnerabilities in their phones? If I were in charge and I cared about the customers I would throw somebody out of the OHA for that nonsense.
Re:The solution is obvious (Score:4, Insightful)
Re: (Score:2, Interesting)
ok, so why didn't google do things the way apple did them? the precedent was already set. I'll tell you why - they wanted market share, not a good (and safe) user experience. For google, users are the product.
Re: (Score:3)
Google aren't manufacturing and selling the phones to the carriers. The manufacturer is.
The phone that Google manufacture are generally updated in a timely fashion.
Re: (Score:3)
It's a bit different though isn't? Updating versions on your phone is more like upgrading to the newest service pack instead of buying a new OS. The OS is available for anyone to grab free of charge, updated patched and new features even. Free of charge.
That's not the same as letting support of XP die and quite frankly I had no problem with it in the first place. That OS is decades old now and the people bitching about security holes were most likely using it for custom software that was probably just a
Re: (Score:3, Informative)
No, blame for this is on Google, because Android is designed as a firmware but marketed as an operating system. An operating system would get updates without requiring a complete wipe and reinstallation.
My current phone has got updates from Kit Kat to Lollipop without a wipe and reinstallation. As have all my previous android phones from one version to another. I'm unsure what you are getting at here...
Android has a huge attack surface and still completely lacks ways to fix bugs except by abandoning entire "OS" versions.
Not true. Google has a way to patch parts of the operating system on older versions using play services:
http://arstechnica.com/gadgets... [arstechnica.com]
Their excuse sucks (Score:4, Insightful)
They claim not to have the resources to do maintenance because it's 5 million lines of source code. Gee whiz, how many 100s of millions of lines of source code are there for OSes - and yet they don't get EOLed in a couple of years.
What other bugs (in this and other projects) are going to be labed WONT_FIX?
Re: (Score:2)
Hipster developers do not do such lowly menial tasks as maintenance!
Re:Their excuse sucks (Score:4, Funny)
I'm eagerly awaiting the inclusion of WebKit in systemd.
Re: (Score:3)
it was fixed. it is fixed... in Android 4.4. Android 4.4 is free update. People don't have the patch because carriers don't patch 2 year old phones.
And this is a problem with the current android ecosystem.
Re: (Score:3, Informative)
The "excuse" was omitted in the Slashdot post...
Here it is verbatim from Google on January 12:
"If the affected version [of WebView] is before 4.4, we generally do not develop the patches ourselves, but welcome patches with the report for consideration. Other than notifying OEMs, we will not be able to take action on any report that is affecting versions before 4.4 that are not accompanied with a patch."
That's not even a reason. It's a meaningless restatement of the question:
"Why are you not developing a pat
Re: (Score:2)
Article misses the point (Score:5, Informative)
The WebView code was originally tied directly to the android version and HW manufactures aren't willing to deploy 4.4 since it would take effort on their part. To avoid this, in the newer versions of android, they have made it so there can be a play store update to fix and replace the webview-like modules so they can regain control of the patching process and not rely on handset companies.
Re:Article misses the point (Score:4, Interesting)
The WebView code was originally tied directly to the android version and HW manufactures aren't willing to deploy 4.4 since it would take effort on their part.
4.4 changed WebView and that broke a number of apps.
And not simply broke. Google has removed sizable chunk of WebView functionality because it is not really WebView anymore, it is small Chrome browser window and the features everybody was relying upon where never part of Chrome and as such... tough luck.
To the company with the resources of Google, lame excuses like that are just unacceptable.
Nice troll (Score:5, Insightful)
Like everyone else reporting on this story, it completely misses the point -- there's no *point* in Google writing a patch, none of the hardware companies involved would ever bother to deploy it. They have *no* control over that bit of code in your phone unless you're running a Nexus device.
Re:Nice troll (Score:5, Insightful)
Also a point that gets largely glossed over is that this only affects apps that use Webview as a widget -- browser apps like Chrome or Opera aren't affected because they've updated themselves to use Chromium (or something else). This may affect 60% of Android users, but what percentage of those are using the browser inside an app to visit random sketchy websites? I'm guessing the actual user base at risk is quite small.
The way this is reported it sounds like if you use Chrome on anything south of 4.4, you're IN GRAVE MORTAL DANGER OF TEH HACKZ.
Re: (Score:2)
But, hey, why pass up a chance to bash?
Re: (Score:3)
Re:Nice troll (Score:5, Interesting)
I have a Google Nexus. 4.3 is the last version supporting my phone. The phone does everything I need it to, so I don't want to waste money on a newer one. I think this is a blatant attempt to force people to buy newer phones. All their craplets get updated, but not the Android OS.
Re: (Score:3, Insightful)
ding ding ding (Score:3)
there's no *point* in Google writing a patch, none of the hardware companies involved would ever bother to deploy it.
This has been my experience in the industry as well. I don't see OEMs scrambling to get the latest updates from the chip vendor or from Google. And I see chip vendors who basically abandon support for older chips on newer releases.
I blame Google, OEMs and Vendors for the problem and not really the carriers. While carriers usually want software to be qualified before an update is allowed, there are many carriers with different rules and many phones that are not under contract.
Carriers are less particular abo
Not to be an apologist for Google, but (Score:5, Informative)
Comment removed (Score:5, Insightful)
Re:Not to be an apologist for Google, but (Score:5, Insightful)
Alternatively; "Here is how Google royally screwed up writing their OS so that updating even relatively minor parts requires a full OS upgrade while Apple and Microsoft seem to have figured out how patching works."
Re: (Score:3)
Re: (Score:3)
Apple and Microsoft control their own update process on all platforms; Google does not. It's the individual carriers who are getting in the way of Android updates.
Google set it up this way. According to the Google Play dashboard, 61% of people are v4.3 or lower. you know that 90% of them will never update. And the google play store only collects phones that visit the service, imagine the tens of millions "grandma's phone" people who use an android because that is the default cheap phone without making use of the play store. Sounds like a basket of fail to me.
https://developer.android.com/... [android.com]
Re: (Score:3)
Apple and Microsoft control their own update process on all platforms; Google does not. It's the individual carriers who are getting in the way of Android updates.
And who entered into the contracts with carriers saying who is responsible for what? Google can't dodge some form of culpability for this.
Use trunk or it is not my problem. (Score:3, Interesting)
The explanation I read elsewhere (RTFA quotes from different interview) sounds alot like the excuse of some incompetent developers: use trunk or it is not my problem!
If they had developed a small patch for the problem, I'm pretty sure OEMs wouldn't have a problem pushing it to the users.
But it seems they can't because as all developers working exclusively in the trunk, they have rewrote everything already several times, and looking at the old stuff is... wew! It's old! It's absolutely horrible! Use snapshot from the trunk!! We fixed everything!! It's all better!! We promise!! Honestly!!
Re: (Score:2)
If they had developed a small patch for the problem, I'm pretty sure OEMs wouldn't have a problem pushing it to the users.
Hahahahahahahahaha, seriously? This is fixed in 4.4 and the OEMs aren't rolling that out. What makes you think they'll roll out anything, especially because most manufacturers have a long history of not rolling stuff out?
I'm guessing Google just got tired of making patches nobody would ever see.
Totally agree (Score:2)
Android Patching (Score:3, Insightful)
Re: (Score:2)
Android 4.4 isn't really an update for me. Broken SD support is a deal breaker.
Wonder if cyanogenmod will backport the fix? Or is it time to switch from Dolphin to Firefox?
Solution: update the browser (Score:4, Informative)
Re: (Score:3, Insightful)
Re: (Score:3)
Re: (Score:3)
Ah, there's an entry on my Slashdot Bingo card: an irrelevant and inaccurate car analogy.
This isn't Google's problem. (Score:2, Informative)
If it was as easy as deploying an update to an apk through the play store, Google would do it. Google DOES do it. System updates are handled by the Carrier. We all know damn well that carriers do not have incentives to provide device updates. You should never expect an android device to receive major version updates. If thats important to you buy an apple device, just don't complain about bending.
In short, do your god-damned research before buying that shiny new brick.
To be fair... (Score:4, Insightful)
What are the chances that a vendor that declines to update 4.3 to 4.4 would be willing to do an update for a 4.3.x if Google bothered to do it.
I think it smells bad, but trying to target users with vendors holding back 4.4 but willing to do another 4.3.x update is tricky. This is why google moved toward moving stuff in a more modular fashion: to get the ability to update relevant portions without demanding the vendor get in the middle.
Do No Evil = Do Not Patch Old Android (Score:2)
After all, you might break something.
Google explains why... (Score:2)
But the summary does not. Sheesh.
Easy problem to fix (Score:3)
Good thing Android is open source! (Score:3, Funny)
We can patch it ourselves! Right? Right?!
Isn't Google's fault, or is it? (Score:3)
HW vendors are indeed not interested to provide upgrades for hw they no longer sell.
While that is true, it was Google's choice to allow binary device drivers for Android interaction by the vendors.
It are these proprietary device drivers which are preventing initiatives such as Cyanogenmod and others to provide a clear upgrade path.
It illustrates the big mistake Google makes in this regard (allowing binary drivers and focusing on Apache licenses).
The position of Google is strong enough to make a stance in the interest of the users (and the world) that all Android drivers should be OpenSourced... in that way the users can 'bake their own' and get their own responsability with respect to upgrades.
The current situation brings the responsibility upon unwilling HW vendors, unwilling providers and ultimately Google.
Sooner or later this is going to blow up into the face of Google because bigger security problems will one day be found!
It's time Google takes a stance for OpenSource software in the interest of the users and the larger common good (certainly now it's completely on par with their own interests)!
Re: (Score:2)
Why all the venom for Google? You don't see Microsoft releasing patches for Windows XP.
Windows XP wasn't released on July 24, 2013.
Re: (Score:3)
Are you being deliberately dense?
Okay, try this.
Windows 7 was released in 2009, and will get security fixes until 2020.
Even Windows Vista (released in 2007 for home) will get security fixes until 2017.
Let's look at phone versions instead:
Windows Phone 7 was released in October 2010 and left support in October 2014.
Windows Phone 8 was released in October 2012 and will be supported until January 2016.
Looks like Windows users are getting a little better support from their supplier.
Re: (Score:2)
Re: (Score:2)
4.4 is not the "patch". Not only it contains major redesigns of the software, but also it has different hardware requirements compared to previous 4.x versions.