A vulnerability that impacts the WebView control in Android applications can be leveraged by cybercriminals to install malicious software on users’ devices, researchers warn.
According to AVG Technologies experts, the security hole affects devices running versions older than Android 4.2.
Hackers can exploit the flaw by tricking users into clicking on a link from a vulnerable application that allows opening a Java-enabled browser or webpage.
To avoid exposing their customers to such attacks, developers are advised not to assign any unsafe functions. Users, on the other hand, are recommended to refrain from downloading applications from untrusted sources.
Additional technical details are available on AVG’s blog.