People with Android smartphones and tablets running older versions of the mobile operating system -- around 60 percent of all Android users -- are going to have to live with a security flaw Google has decided not to fix.
A known security bug in the default, unbranded Web browser for Android 4.3 Jelly Bean and older versions of Google's mobile OS will go unpatched, Google's chief of security for Android wrote in a Google+ post on Friday.
"Keeping software up to date is one of the greatest challenges in security," Adrian Ludwig wrote. Because the browser app is based on a version of the WebKit browser engine that's now more than two years old, fixing the vulnerability in Android Jelly Bean and earlier versions is "no longer practical to do safely," he wrote.
Google confirmed on Saturday that Ludwig's post is the company's official position on the matter.
Source:
