Most people with Android smartphones or tablets are now left exposed to a security flaw because Google has announced it will not be fixing it.
The default browser of Android 4.3 Jelly Bean has a known security flaw in the older versions of Android and it is estimated that almost 60% of all users of Android still use this unbranded Web browser.
Adrian Ludwig, Google’s chief of security for Android, commented on the issue in a Google+ post that he recently wrote. Ludwig stated: “Keeping software up to date is one of the greatest challenges in security”.
Ludwig’s post, which Google claims is the company’s official position on the issue, continues that since the flawed app is built on a Webkit browser engine that is over two years old, it is no longer safe or practical to fix the flaw in Android Jelly Bean and its even older versions.
With hundreds of millions of Android users running the older version of Android Jelly Bean, it seems Google’s decision to leave the vulnerability unpatched has raised fears from security experts who claim that hackers can now attack this huge number of people.
Google, on the other hand, believes this number is getting smaller because almost 40% of Android users are on the new version of Android; 4.4 KitKat while the Android 5.0 Lollipop, released recently in November, is being used by just under 1% of Android users. While the hundreds of millions of people using flawed Jelly Bean version with the flaw in its default browser represent 60% of all users, security experts believe this is a major issue.
One solution to this problem is for users to replace their phones or tablets. This is not always an easy option for all users since the latest phones running Android 5.0 sell at prices like $649.99 for the Nexus. At the same time, people will find mobiles on Amazon selling at barely one tenth of the price but they carry the older version.
Another solution would be for Android users to switch to a different web browser like Google Chrome and hope that new app developers will restrict content on their apps.