Software update delays are an inevitability because of the way the Android ecosystem is built, but these delays aren’t just an annoyance for Android users — they can be dangerous. A bug was discovered by security researcher Rafay Baloch in early September, and it caused Android’s stock web browser to fail to enforce same origin policy (SOP), which is a protocol that governs how browsers securely load content from multiple sources. The bug impacted all pre-KitKat devices, and it was patched fairly quickly by Google.
But because it takes so long for handset makers and carriers to test and distribute Android updates, a new study has determined that nearly half of all Android phones are still affected by the bug. More →