Compared to the iPhone's closed ecosystem, in which Apple builds and serves all software updates, Androidis a lot less centralized. This means security flaws found on devices not built by Google are sometimes not addressed effectively.
To tackle the issue, Google has launched the Android Partner Vulnerability Initiative (APVI) - a security program designed to tackle security flaws on devices outside the Pixel range.
“The APVI covers Google-discovered issues that could potentially affect the security posture of an Android device or its user and is aligned to ISO/IEC 29147:2018 Information technology — Security techniques — Vulnerability disclosure recommendations,” the company explained.
The program represents the latest in a long line of improvements Google has made to protect Android users. There's also the Android Security Rewards Program, as well as the Google Play Security Rewards Program, both of which allow devs to report vulnerabilities directly to Google.
Alongside the announcement, Google also revealed it had discovered a few vulnerabilities in certain bloatware applications, including one browser flaw that could potentially expose user data (which has now been patched).
Those interested in tracking the program's progress can do so here. On this page, Google will list all of the vulnerabilities discovered through the program - and some are already listed.