About a quarter of users with devices Android, uses the latest version of Android 4.4. Everyone else uses older versions.
Their systems are not upgraded as the device manufacturers are unable to provide timely updates to the devices. This often creates security problems. A recently discovered security flaw in the Android Browser reminds us why manufacturers' difficulty in providing updates is a major problem. Android Browser is the default program tours on the web for devices with Android. This changed after the release Android 4.2 when preset browser became the Chrome.
Google changed to Chromium by Android 4.4 and this means that anyone who does not use 4.4 is exposed to the bug.
What causes vulnerability
When you visit a webpage, you can expect to quickly provide its content. A script that runs on the webpage should, for example, not be able to modify the content of another webpage. This is the defect found to be happening in Android Browser.
The Same Origin Policy (SOP) (or Greek Policy of Same Origin) is a security mechanism designed to prevent JavaScript from running from one web page to another. JavaScripts running on malicious sites should not be able to retrieve data from "good" sites.
This is happening in Android Browser όταν το πρόγραμμα browsing χρησιμοποιείται από εφαρμογές που θα μπορούσαν δυνητικά να κλέψουν ευαίσθητα δεδομένα. Δεδομένα όπως τα cookies μπορεί να κλαπούν από την συγκεκριμένη ευπάθεια.
Check your device
To check if your device is vulnerable visit the following website and click on button test to find out if you are affected.
If you get a pop up message, that browser you are vulnerable, be sure to change immediately browser.
The problem
Google is working on a patch to fix the problem. But placing the patch on the end user will be complicated. The main reason is that for this kind of updates the responsibility lies with the manufacturer of the device.
Considering that device support usually ends after two years, it is unlikely that all vulnerable devices will receive the update.
To make things even worse, switch to another browser such as Firefox or Chrome on the affected devices only solves part of the problem. Although the browser will be safe, applications running on the device may still use the default browser that is of course the Android Browser.
