From Forbes it is mentioned that nearly 1000 billion Android smartphone users Those who do not have the latest version of Lollipop on their system are at risk of malicious attacks because Google will not continue releasing updates for the WebView tool for Android versions 4.3 and below.
Rapid7 firm discovered that Google began the process of terminating last year's WebView support for devices other than Android 5.0 Lollipop. WebView is commonly used in Android, a rendering engine based on WebKit, which displays websites without having to open another application. Apart from the fact that it is one of the vectors most frequently used for remote code execution for vulnerabilities in Android, which means that it can be used as a pathway by attackers for Microsoft platforms, which means that the lack of updates future problems will become a real problem for Android users who do not have Lollipop.
0.1% of users with Android 5.0 Lollipop
Anyway, Google would release future security updates for WebView if the patch comes from a developer third-party, which this firm called Rapid7 calls it a rather strange move for a company of this entity.
Google got rid of WebView by removing it from the operating system when it released Android Lollipop in the past months. If you add to the fact that you have to have Lollipop for automatic downloads, and fragmentation on Android, that in the latest figures only 0.1 percent of users have Lollipop, this problem may seem bigger than it is.
The problem for users with Android 4.3 or lower
Android 4.3 or lower users may be reassured because attackers they may encounter certain limitations when trying to sneak through WebView. Forbes itself clarifies that for an attack to be carried out successfully, they would have to access the code that was displayed on a web page by a selected app.
One of the ways that the user has to avoid this is not to install unknown applications and only perform this action from the Play Store. Something that implies that certain app repositories suffer the consequences and many users wonder if this is really the best way to install the best Android apps.
The other way is that Google invests effort, time and resources so that millions of users were not in danger, and more if it is Google itself that claims that users always come first.
