Security → Is this article FUD?

So this went from an MS fud article to Apple vs. Android?

Don't blame me i didn't do it this time i SWARE!!!

He did it »i.dslr.net/nav/w50/12/42 ··· 1242.gif ......

But how can you patch the webview component? That's on the /system partition, nothing can touch that partition except for an OTA update.

The Android webview component is like mshtml.dll on Windows. It's part of the core Windows system and nothing can update that except for an approved update from Microsoft.

it gt patched like latest time was maybe 4 days ago on mine

your wrong about that as of

In older versions of Android (4.3 and below), WebView uses code based on Apple's Webkit %u2014 the same tech behind the Safari browser. In Android 4.4 and above, WebView is based on Chromium, the open-source base of Google Chrome (which uses Google's Blink engine.). In Android 5.0, WebView was broken out as a separate app, presumably to allow timely updates through Google Play without requiring firmware updates to be issued.

After 4.3 it became a seperate app and is patched way more often.

Sorry after 5.0 in 4.4 the code base changed and it was patched more often Left above for transparency as i missed it at first

I stand corrected. But there's more to Android than just WebView. There's the kernel, chipset drivers that are linked to the kernel, etc. If those don't get proper attention from the Android OEMs the system as a whole can be exploited. It's just like if a vulnerability is found in nVidia's graphics card driver, a program can take advantage of the vulnerability and exploit it to gain system level privileges.

This is why devices need proper patching throughout the entirety of the software chain, from the operating system up through the chain to the programs that run on it. The whole system can be broken if one link in the chain is weak.