Apple's iPhone running versions of iOS older than 4.3, which shipped in March of this year, gets an honorable mention as the 13th most-vulnerable phone due to their age and end-of-life status, which ends or restricts updates, the report said.
Because Android is a more open operating system and open development process, owner Google shepherds the development work of others, rather than controlling everything itself.
That leaves the market open to new developers, but also means less control over how often manufacturers apply patches.
On average, it took makers of Android devices six months to update all their devices to a new version of the OS – delays that put customers directly at risk, Svedlove said.
Samsung has the longest lag time of any major manufacturer, followed by HTC and Motorola in a close heat for second- and third-worst.
- The Dirty Dozen, in order are:
- Samsung Galaxy Mini
- HTC Desire
- Sony Ericsson Xperia x10
- Sanyo Zio
- HTC Wildfire
- Samsung Epic 4G
- LG Optimus S
- Samsung Galaxy S
- Motorola Droid X
- LG Optimus One
- Motorola Droid 2
- HTC Evo 4G
Read more of Kevin Fogarty's CoreIT blog and follow the latest IT news at ITworld. Follow Kevin on Twitter at @KevinFogarty. For the latest IT news, analysis and how-tos, follow ITworld on Twitter and Facebook.