A day after Google publicized a flaw in Windows 8.1 before Microsoft could do anything about it, news broke about a security vulnerability in Android that the Mountain View company, well, won't fix at all. Rafay Baloch, an independent researcher, and Joe Vennix, an engineer at Rapid7 (a security and data analytics firm)found a serious bug in the WebView component of Android 4.3 and below. It's an older bit of software that lets apps view webpages without launching a separate app, and the bug in question potentially opens up affected phones to malicious hackers. Android 4.4 and 5.0 are unaffected by the bug, but as 60 percent of Android users -- that's close to a billion people -- still use Android 4.3 or lower, it still affects a lot of people. Unfortunately, as Tod Beardsley, a Rapid7 analyst, found out, there's no easy way for Google to fix it.

http://www.engadget.com/2015/01/14/g...ndroid-phones/