Google’s recent Android distribution stats showed that Android 4.4 KitKat grew in market share while all older versions fell. There are still lots of folks using those older versions of Android, though, and unfortunately for them, there are some bugs that Google apparently doesn’t plan on addressing.
A new report details how there are some security issues with WebView in the default internet browser in Android 4.3 and earlier. Rafay Baloch, a security researcher, discovered some flaws in with the stock internet browser in fall 2014 and then reported them to Google. However, Google responded by saying, “If the affected version [of WebView] is before 4.4, we generally do not develop the patches ourselves, but welcome patches with the report for consideration. Other than notifying OEMs, we will not be able to take action on any report that is affecting versions before 4.4 that are not accompanied with a patch.”
This bug isn’t present in Android 4.4 or Android 5.0, which include newer Chromium-based flavor of WebView.
While users on Android 4.3 or earlier certainly can download Chrome or another browser to use instead of the stock one, there are a lot of folks that don’t know that and so they just stick with whatever’s stock. Whether or not Google will go back and address some of these bugs now that this report is out remains to be seen, but here’s to hoping that this news at least prompts folks to consider another browser if they’re on Android 4.3 or older.
What do you think of today’s report? Should Google update stock apps like Android’s old browser if security flaws are discovered?