Even without going conspiracy theory it fits very well as a simple marketing message. “We try hard at security and we do a good job of it. Here’s our newest tool.”

Personally I didn’t read it as a swipe against Android. If it was I don’t personally know what attack(s) it’s referring to outside of the possibility of malware installed by the vendor.

But if it’s installed by the vendor, they can really do anything can’t they. That’s not really a security breach. Just trust.

It's aligned with their previous statements they've made about Android. It doesn't really fit here because the mitigation described is not really protecting users from widespread malware attacks.