It has taken Google three years to close a vulnerability in Chrome for Android, which was discovered back in spring 2015 and reported here to Google, writes ZDNet.
Through the vulnerability, hardware data about the various smartphones was leaked – including for instance the device’s security level.
The vulnerability was reported to Google in May 2015 and later in the year described in this blog entry .
But then nothing happened until Google’s own Chrome people rediscovered the vulnerability after a few years, and important data was leaked through it.
According to ZDNet, Google generally released an update in mid-October 2018 – but this is not complete, it says.
“Most users are not directly affected, but users who value their privacy should pay attention to leakage and use a browser other than Chrome and WebView,” ZDNet writes.