Other than the Nexus mobile devices sold through the Google Play Store, though, Google can't directly update Android over the air. Google is dependent on the hardware makers to update their devices, and, in turn, sometimes the hardware makers are dependent on the mobile carriers to pass through the updates. In contrast, Apple can update its devices more quickly because it controls all the hardware and all the software. Does that mean that Android is at greater risk for security exploits? We don't know. Android is an open source project. Security researchers as well as cybercriminals are drawn to read the source code for different reasons one to protect, the other to compromise. Android exploits receive a lot of attention because its openness makes good subject matter for commercial and academic security research. Other platforms such as iOS aren't as accessible, so they aren't as frequently discussed.
But no one knows the relative safety of the three different mobile platforms: iOS, Android or Windows 10 Mobile. Google has been reporting Android malware since the Virus Bulletin conference in 2013. Beginning this year, Google began to comprehensively and quantitatively report Android's safety. The Android Security 2014 Year in Review [pdf] breaks down the frequency and types of Android exploits, and pegs fewer than 0.15 percent of devices using the Google Play store have any kind of potentially harmful app installed. Apple and Microsoft don't report exploits affecting their platforms, making comparison impossible.
Sign up for Computerworld eNewsletters.