Google has stopped patching of loopholes and security patch to its “Android System Webview” for it’s 4.4 Jellybean and prior versions.There was 11 active security threat reported to Google.
A group of researchers mailed about these flaws and Google quoted back-
“If the affected version [of WebView] is before 4.4, we generally do not develop the patches ourselves, but welcome patches with the report for consideration. Other than notifying OEMs, we will not be able to take action on any report that is affecting versions before 4.4 that are not accompanied with a patch.”
So, What is Android System Webview? How can it affect your smartphone? Is deleting Android System Webview is a Solution?
We will find out here.
What is Android System Webview?
Android System Webview as described by Google as a “System Component powered by Chrome to let apps display web pages.”
Now, let us understand Android System Webview in detail:
Smartphone users browse the internet as one of the primary use of the device.If you are one them, then congratulations you are using Android System Webview.There is a huge chance of you using it unknowingly and wondering ” What is Android System Webview?”
Android System Webview is a core component of the Android Operating System.This allows the web browsers and other third-party applications use to display web content.
It was replaced in KitKat 4.4 by a more powerful and secure chromium based Android System Webview.In Lollipop 5.0 it was developed as a standalone application.The standalone application receives patch directly from Google PlayStore but this left Android System Webview of JellyBean 4.3 and earlier with open security issues.
Why GOOGLE stopped fixing it?
The main reason behind this could be building new firmware for older Android running devices.This has a business tactic attached to this, Google is indirectly pushing its users to upgrade to its newer versions.Still, Google is ready to fix the issues if anyone submits the fixes to Google.Modernisation is required so Google is also taking them aside from this issue.
What Jellybean users and prior version users should do?
There are only 10.3% of users with Jellybean and lower in the market share.The users who are still running on Android Jellybean and lower should fix the issue of security issue.
Here is the distribution of the Android Operating System Market Share in 2017:
Then, what exactly you should do if you are still Jellybean to make yourself safe from Webview Security Exploit.
1.Update all your Apps.
2.Use Playstore for Apps downloading and updating.
3.Uninstall all 3rd party apps.
4.Use Google Chrome or Mozilla Firefox web browser
5.Make sure phone software is updated.
5.Never browse on native App browser (link defaults to Chrome browser)
For the rest of the users running KitKat 4.4 or higher are safe.Your OS is having the latest version of Android System Webview.Webview is a target to affect a large user base of the Android OS.Google is trying to keep the Android System Webview up to date in Lollipop 5.0.If an exploit is detected then Google can simply push an update through play store to fix the exploit.