Just when you thought you had safeguarded your mobile device from any misuse, a new threat emerges. For Android users, it’s a big one. Todd Beardsley of Rapid7 has recently discovered a security bug that allows cyber criminals to access a smartphone user’s data. This bug exists within a certain version of WebView, which allows users to see web pages on their smartphone screens. Although this security problem is widespread, Google has responded that it will take no action to fix it.
The bug exists in phones operating on Android 4.3 and below, and allows hackers to control your smartphone. Although Android 4.4 and 5.0 users are not vulnerable to this risk, this issue affects approximately 60 percent of Android users – almost a billion people worldwide. When Beardsley initially reported this problem to Google, he was surprised by the company’s lack of concern. With 930 million devices using WebView, he says, “Unfortunately, this is great news for criminals for the simple reason that, for real bad guys, pretty much everything is in scope.”
Google’s official response is that their policy is not to develop fixes for older software versions, but it can notify people of the risk and others are welcome to create their own fixes. To date, there are no known patches you can download to address this issue. There is; however, one way to ensure your safety if you possess an affected smartphone. Simply download and install a newer version of the operating software. Although this is an easy fix, a startling amount of people will never hear about this threat or how to protect themselves. If your smartphone or tablet runs Android 4.3 or earlier, we encourage you to update your Android Operating System sooner than later.