Android
smartphones and tablets running older versions like the 4. 3 or below,
are now going to have to live with a security flaw as Google has no
intention of fixing it.
According
to a report by The Wall Street Journal, Google is no longer fixing
bugs in the default browsers for Android versions 4.3 and earlier. This
covers roughly two-thirds of the billion-plus Android devices in use,
according to Google, but some users may have downloaded different,
updatable browsers.
The
main reason why the company is reluctant to fix the bug is because it
feels that it is no longer feasible to safely patch vulnerable Android
versions of 4.3 and below. Solving the issue would require several code
lines which will in turn create massive problems, especially for
developers as they make uncountable tweaks to the Android OS every few
days.
Unfortunately,
as a small percentage of Android devices run Android 4.4 KitKat and
barely 0.1 percent run on the recently launched Android Lollipop, that
leaves a larger chunk faithful to the older Jelly Bean version.
The
consequence of having such a large number of users on Android 4.3
leaves them vulnerable to hackers who target millions of smartphones and
tablets every year. Adrian Ludwig, head of Android security mentioned
in a Google+ post that, “Keeping software up to date is one of the
greatest challenges in security.” He added that, “As the browser app is
based on a version of the WebKit browser engine that’s now more than two
years old, fixing the vulnerability in Android Jelly Bean and earlier
versions is “no longer practical to do safely.”
The
report by Wall Street Journal also pointed out that users of older
Android phones generally can’t upgrade their operating software
wholesale unless the update is offered by the device maker or wireless
provider.
Contradictory,
earlier reports suggest that Google had revealed new bugs in
Microsoft’s Windows 7 and 8.1. The company has revealed two bugs, one of
which allows attackers to impersonate a user and decrypt data on
Windows 7 and Windows 8.1 machines. The second vulnerability allows
attackers to impersonate a user and access the machine’s power
functions. This security bug affects only Windows 7.
Posted by : Gizmeon
No comments:
Post a Comment