Android has been in the news for all the negative reasons lately related to security vulnerabilities in various parts of the operating system. The biggest one so far has been the StageFright bug for which Google have created a fix for Nexus devices but it has yet to be rolled out to the 900+ million Android devices in the wild.
The vulnerability effects parts of Android or apps where videos are pre-loaded. This can allow attackers to potentially take over the device and use it for malicious intentions along with stealing valuable information. Google, Samsung, HTC and other OEMs have announced plans to roll out security fixes but how effective would the roll out be? It is yet to be seen.
Already being touted as the biggest software update in history, 950 million Android users are at a security risk. Quick workarounds include: to not use the Hangouts app which allows this vulnerability to be invoked via text messages or to disable auto-MMS retrieval from system settings. Users running version of Android older than 4.0 are at a bigger risk, while later than this will have some sort of protection but it still is not enough.
To really protect all the users, Android OEMs would have to push fixes to even the oldest Android phones. This has never happened before. In a world where Android is notoriously popular for not updating older devices, this is an uphill task and might take weeks/months or years depending on your OS version.
For now, users can see if their particular version of Android is vulnerable to the patch or not or if it needs an update. Zimperium, the company which is responsible for discovering the bug has developed an app which runs tests on your Android device to verify if it is vulnerable or not. If you are on Android, you should really download this free app and run it on your phone to test it for the vulnerability.