Android Security Update Audit

Subscribe to Vulnerability Updates
  • This is a static report and therefore not updated automatically, which means that out-of-band updates are not included. However, you can adapt the query to your own needs.

Discover Android Devices with an Outdated Security Patch Level

Discover devices in your IT environment that have an outdated security patch level. Every month, Google released a new Android security update which contains details of all the security-related issues that are being fixed in that month's security update.  Mobile devices contain some of the most sensitive information, therefore it is critical the latest security patches are applied if possible.

Lansweeper scans mobile devices using Microsoft Intune and with it, retrieves the security patch level of Android devices. In the July 2019 security update, 33 vulnerabilities were found, 9 of which had a critical severity rating. You can find more information about in the July 2019 security patch update blog post.

Android Security Update Query

Select Top 1000000 tblAssets.AssetID,
  tblAssets.AssetName,
  tsysAssetTypes.AssetTypeIcon10 As icon,
  tblADusers.Username,
  tsysAssetTypes.AssetTypename As AssetType,
  tblIntuneDevice.Manufacturer,
  tblIntuneDevice.Model,
  tblIntuneDevice.OperatingSystem As OS,
  tblIntuneDevice.OsVersion,
  tblIntuneDevice.AndroidSecurityPatchLevel As [Security Patch Level],
  Case
    When GetDate() >= DateAdd(month, DateDiff(month, 0, GetDate()), 4)
      And Cast(tblIntuneDevice.AndroidSecurityPatchLevel As datetime) >=
      DateAdd(month, DateDiff(month, 0, GetDate()), 4) Then 'Up to date'
    When GetDate() < DateAdd(month, DateDiff(month, 0, GetDate()), 4) And
      Cast(tblIntuneDevice.AndroidSecurityPatchLevel As datetime) >
      DateAdd(month, DateDiff(month, 0, GetDate() - 30), 4) Then 'Up to date'
    Else 'Out of date'
  End As [Security Patch Status],
  Case
    When GetDate() >= DateAdd(month, DateDiff(month, 0, GetDate()), 4)
      And Cast(tblIntuneDevice.AndroidSecurityPatchLevel As datetime) >=
      DateAdd(month, DateDiff(month, 0, GetDate()), 4) Then '#d4f4be'
    When GetDate() < DateAdd(month, DateDiff(month, 0, GetDate()), 4) And
      Cast(tblIntuneDevice.AndroidSecurityPatchLevel As datetime) >
      DateAdd(month, DateDiff(month, 0, GetDate() - 30), 4) Then '#d4f4be'
    Else '#ffadad'
  End As backgroundcolor,
  tblIntuneDevice.SubscriberCarrier,
  tblIntuneDevice.Imei,
  tblIntuneDevice.SerialNumber,
  tblIntuneDevice.EnrolledDateTime,
  tblIntuneDevice.LastSyncDateTime,
  tblAssets.Lastseen,
  tblAssets.Lasttried
From tblAssets
  Inner Join tsysAssetTypes On tsysAssetTypes.AssetType = tblAssets.Assettype
  Inner Join tblAssetCustom On tblAssetCustom.AssetID = tblAssets.AssetID
  Inner Join tblState On tblState.State = tblAssetCustom.State
  Inner Join tblIntuneDevice On tblIntuneDevice.AssetId = tblAssets.AssetID
  Left Join tblADusers On Lower(tblIntuneDevice.EmailAddress) In
    (Lower(tblADusers.email), Lower(tblADusers.UPN))
Where tsysAssetTypes.AssetTypename = 'Android' And tblState.Statename = 'Active'
Order By tblAssets.AssetName

 

Audit and Take Action in 3 Easy Steps

Download-Install-Lansweeper

1. Download & Install Lansweeper

Download Lansweeper

Lansweeper-Network-Discovery

2. Scan Your Network

Configuring the First Run Wizard

Overview of Scanning Methods

Save-and-Run-the-Report

3. Run the Audit & Take Action

How to Run an Audit

Download Lansweeper to Run this Audit

Download Lansweeper

Product

Key Features

Company

Partners

Resources

Contact

Talk to Sales

Help Center

Get your hands on the latest news, vulnerability updates & network reports.
  • Hidden
  • This field is for validation purposes and should be left unchanged.
Facebook Twitter Youtube Linkedin Reddit