Google has no plans to fix web security issue for older Android versions

Android smartphones and tablets running older versions which include version 4. 3 or below, are now going to have to live with a security flaw as Google has no intention of fixing it.


Android smartphones and tablets running older versions like the 4. 3 or below, are now going to have to live with a security flaw as Google has no intention of fixing it.

According to a report by The Wall Street Journal, Google is no longer  fixing bugs in the default browsers for Android versions 4.3 and earlier. This covers roughly two-thirds of the billion-plus Android devices in use, according to Google, but some users may have downloaded different, updatable browsers.

The main reason why the company is reluctant to fix the bug is because it feels that it is no longer feasible to safely patch vulnerable Android versions of 4.3 and below. Solving the issue would require several code lines which will in turn create massive problems, especially for developers as they make uncountable tweaks to the Android OS every few days.

Unfortunately, as a small percentage of Android devices run Android 4.4 KitKat and barely 0.1 percent run on the recently launched Android Lollipop, that leaves a larger chunk faithful to the older Jelly Bean version.

The consequence of having such a large number of users on Android 4.3 leaves them vulnerable to hackers who target millions of smartphones and tablets every year. Adrian Ludwig, head of Android security mentioned in a Google+ post that, "Keeping software up to date is one of the greatest challenges in security." He added that, "As the browser app is based on a version of the WebKit browser engine that's now more than two years old, fixing the vulnerability in Android Jelly Bean and earlier versions is "no longer practical to do safely."

The report by Wall Street Journal also pointed out that users of older Android phones generally can’t upgrade their operating software wholesale unless the update is offered by the device maker or wireless provider.

Contradictory, earlier reports suggest that Google had revealed new bugs in Microsoft’s Windows 7 and 8.1. The company has revealed two bugs, one of which allows attackers to impersonate a user and decrypt data on Windows 7 and Windows 8.1 machines. The second vulnerability allows attackers to impersonate a user and access the machine’s power functions. This security bug affects only Windows 7.

Find latest and upcoming tech gadgets online on Tech2 Gadgets. Get technology news, gadgets reviews & ratings. Popular gadgets including laptop, tablet and mobile specifications, features, prices, comparison.