It seems that some Android smartphone makers are lying to users about the patch status of their devices, telling them that they're up-to-date when they aren't.
Here's how to find out if your Android smartphone is lying to you.
The first step is to take a trip to the Google Play Store and download SnoopSnitch, an app developed by Security Research Labs, the company behind the report that first discovered that Android smartphone makers weren't being truthful with users in the first place.
The app is free, and download and installation takes only seconds.
Once the app is downloaded, run it and then click on Android patch level analysis which appears at the top of the screen, and then on Start test.
The next step takes some time because the app needs to chunter through your device checking whether the patches that the operating system claim are installed have actually been installed. Based on my testing using a few different devices, this part took me a few minutes, so don't go doing this if you're in a rush or busy with something else.
Here's where we get to the good, the bad, and the ugly, because SnoopSnitch will outline not only vulnerabilities that have been patched, but also patches that are missing, as well as new vulnerabilities that have yet to be patched.
The app will also highlight the status of any vulnerabilities that SnoopSnitch is unsure about.
For more information on the results, consult the pretty detailed FAQ that Security Research Labs has put together.
Note: SnoopSnitch also claims to be able to detect "stingray" phone trackers, but research suggests that this feature may be inaccurate and useless.
It's really a case of letting the chips fall where they may.
If everything is patched, then great. If not, then at least you get an idea of how far behind your device maker has fallen with software updates.
This may prompt you to buy a new device, and maybe even choose to buy from a different maker in future.