I'm still not convinced. I was looking at new TVs last week, and noticed that the latest Sony sets run 'Android TV', in other words - if I understand right - they are basically big Android tablets with a TV tuner. Now I tend to keep a TV for at least 8-10 years, but what chance realistically is there that Google will still be turning out updates for a 10 year old OS and even if they do, what chance Sony will find time to tailor it to their 10 year old sets, do all the testing, and roll it out?
That's not just an Android or a Sony issue. I'm sure most, if not all, modern TV sets are controlled by a computer system of some kind, probably Linux
Please do correct me if there's something I am missing but, on my current understanding, I would argue that It's a bigger issue for the android based platforms for two reasons...
1) Even if a set-maker decides that a critical fix is needed they can't fix it, they have to wait for Google to produce an android update. And for older versions of android, Google may not bother. That's not such an issue for phones which are generally short-lived but I think most folks, like me, expect a TV to remain usable a lot longer than a phone.
2) And even if Google were to decide that Android TV had a desperately important flaw, and distribute affected android updates to set makers, the set makers would have big overheads testing compatibility with ancient hardware, and so may not bother to distribute it.
In contrast, for Smart TVs that use an in house customised 'raw' Linux as opposed to android, the set maker ought to be able to decide on the merits of a flaw and push out a fix quite quickly, with no reliance on anybody other than the Linux kernel and open-source updates. Just as happens (or at least can happen) with Linux-based router vulnerabilities and the likes.
There is also the consideration that, for malicious software, the bad guys are much more likely to focus attention on a huge and fairly static platform like a widely used (but perhaps old) version of android, rather than looking for attacks on individual TV sets from a huge pool of different kernel versions.
As I say, just my understanding, may have some learning to do. I'd never heard of 'Android TV' till last week, when I started to vaguely look for a new TV.