Over the past couple of days, there have been reports of a new Android bug that reveals a user's authentication details for Google services like Calendar and Contacts when the device accesses an unsecured WiFi network. The issue affected anyone that wasn't running version 2.3.4 of Gingerbread, which is around 99 percent of all Android users. Luckily, Google's figured out a way to correct the problem quickly. Rather than having to send out an update to every Android user, the company is pushing out a server-side fix that'll be rolling out over the next few days. This means that users don't need to worry about downloading anything and Google doesn't need to worry about dealing with carriers or manufacturers. Google issued a statement explaining the update:
“Today we’re starting to roll out a fix which addresses a potential security flaw that could, under certain circumstances, allow a third party access to data available in calendar and contacts. This fix requires no action from users and will roll out globally over the next few days.”
Unfortunately, this Android bug also affects a user's Picasa account and the fix that Google is issuing doesn't patch up that particular hole. The company says that it's still looking into a solution for the problem. Still, it's pretty great to see Google responding to the problem so quickly and that it was able to deploy an update to correct most of the problem without making Android users wait for an update to be pushed to them.
Via This is my next