Google needed more than three years to patch a flaw in Chrome for Android
On the last day of May 2015, a report concerning a bug discovered in Chrome 43 on Android 5.1 Lollipop was published here. Its name — Chrome on Android reveals the exact model and OS version of the device used via user agent — is suggestive and Google engineers should have been worried about the possible effects of this vulnerability. However, it seems that they still need some time to take care of it properly.
At the end of September 2015, Nightwatch Cybersecurity published an in-depth research article concerning the aforementioned bug. According to a much more recent report by the same security organization, Google came up with a partial fix in October 2018. Back then, Chrome 70 for Android removed the firmware build information from the set of exposed information. Unfortunately, the device model number can still be accessed by using the same method.
Since we are already in 2019, we can only hope that Google will finally address this flaw before it gets as old as four years. Obviously, some might not consider it that much of a hassle, but it's always better to know that a certain threat — small or not-so-small — has been ironed out.
Do you think that this kind of issue should be considered a minor one or not? Is Google doing enough to keep our Android devices safe? Feel free to let us know what you think in the comments section below, as usual.