Security industry experts have found vulnerabilities in Google’s Android 4.3 Jelly Bean which could put hundreds of millions of users the smartphone and tablet operating software at risk.
Google is about to change its policies and will no longer be developing security for the webview element of Android which displays websites on the pre 4.4 KitKat editions of its mobile OS, downgrading protection of personal data on software which is still widely distributed across the world. Around 46% of Android users are still using 4.3 Jelly Bean and around 15% are using even earlier versions including 4.0 Ice Cream Sandwich and a handful on 2.2 Froyo.
All of these are threatened by the change in Google’s diminished stance on security according to Rapid7 in a report to the BBC.
The researchers state in the report that over 930 million Android users will be affected and refer to it as “great news for criminals”. Google has made no official statement to address why the decision has been made to make such a risky backwards step but an insider at Google’s security team actually said they would welcome a patch from Rapid7 if one were to be developed by them. But Google will be putting no effort into securing its customers off its own back and focusing only on Android 4.4 KitKat and the latest version 5.0 Lollipop.