More than 60% of Android users are currently exposed to a security flaw that Google says it will not fix, according to Adrian Ludwig, Android’s chief of security.
Google won’t patch known Android security issue
There is a known security issue in the default web browser for Android 4.3 (Jelly Bean) and older versions that will not be patched, said Ludwig in a Google blog post this weekend. That means more than 60% of Android devices in the wild, according to the latest data on Google Dashboard (see image below).
“Keeping software up to date is one of the greatest challenges in security” Ludwig said. And as the browser uses an older version of the WebKit browser engine (more than two years old), fixing the issue is apparently “no longer practical to do safely” he wrote.
Google has since confirmed Ludwig’s statement since the post.
The statement has made waves among security experts, worried that hackers will be able to gain access to the hundreds of millions of people still on older versions of Android. Ludwig does state in his post that the number of people affected is “shrinking every day”, but it’s just not fast enough.
The latest version of Android, Lollipop (version 5.0 of Android) accounts for less than 0.1% of all Android devices in use today. Unfortunately, the solution for many people isn’t just to buy a newer phone that runs Lollipop, simply due to the high cost of the latest phones. However, smartphones that run older versions of Android are still available as new for a fraction of the price.
It’s not all doom and gloom though, as the solution for anyone stuck on Android 4.3 is to use a different web browser, such as Google’s own Chrome, or Firefox. Unfortunately, just changing which browser you use won’t completely address the issue, because it also affects apps which use the default browser to display web content.
We’ll just have to wait and see if Google back peddles on this one.
RELATED: Best Anti-Virus App for your Android