Bad guys can take advantage of a vulnerability that impacts the WebView control in Android applications to install malicious software on users’ devices, researchers said.
The security hole affects devices running versions older than Android 4.2, said researchers at AVG Technologies.
Hackers can exploit the flaw by tricking users into clicking on a link from a vulnerable application that allows opening a Java-enabled browser or webpage.
To avoid exposing their customers to such attacks, developers should not assign any unsafe functions. Users, on the other hand, should refrain from downloading applications from untrusted sources.