When the Linux “Keyrings” vulnerability landed yesterday, headlines said it would affect “millions” of devices, partly because it was thought to be widely present in Android as well.
El Reg wondered at this, because it’s not part of the recommended Android kernel configuration, so we’re going to be a little bit smug: however many ‘droids are vulnerable, it’s not likely to be “66 per cent”.
Google’s Android security lead, Adrian Ludwig, has promised a fix by March 1. That’s the bad news.
The good news: “We believe that the number of Android devices affected is significantly smaller than initially reported.