Almost one billion Android users are vulnerable to a security bug

Android
Uh oh

It's been revealed that almost one billion Android handsets are currently at risk from a security vulnerability.

Said vulnerability affects phones that are running versions of Android below 4.4 KitKat, which is about 939 million handsets.

All was revealed by security expert Tod Beardsley, a Rapid7 analyst, who explained that the problem lies with Android WebView, reports BGR. This dated bit of software allows apps to show web pages without having to open up a different application.

Google replaced this software with KitKat, but for anyone running Jelly Bean or an older version of Android, it doesn't sound like Mountain View is interested in fixing the problem.

No can do

Google's response to Beardsley was as follows: "If the affected version [of WebView] is before 4.4, we generally do not develop the patches ourselves, but welcome patches with the report for consideration. Other than notifying OEMs, we will not be able to take action on any report that is affecting versions before 4.4 that are not accompanied with a patch."

Due to the nature of Google's fragmented updates, many users are left using old versions of software; around 60% of Android devices currently run Jelly Bean or lower.

If you're running 4.4 KitKat or Lollipop then you've got nothing to worry about. Otherwise you're best updating as soon as possible, or maybe just getting yourself one of these.

Hugh Langley

Hugh Langley is the ex-News Editor of TechRadar. He had written for many magazines and websites including Business Insider, The Telegraph, IGN, Gizmodo, Entrepreneur Magazine, WIRED (UK), TrustedReviews, Business Insider Australia, Business Insider India, Business Insider Singapore, Wareable, The Ambient and more.


Hugh is now a correspondent at Business Insider covering Google and Alphabet, and has the unfortunate distinction of accidentally linking the TechRadar homepage to a rival publication.