A critical vulnerability affecting millions of Android devices could let a hacker take control of a smartphone. The vulnerability is in the way the mobile operating system handles certificate validation. An attacker can create an app with a fake identity to gain the same privileges granted to the developer of the legitimate app. An Adobe plug-in and Google Wallet are examples of apps with lots of privileges that could be exploited. A patch is available, but whether Android users have had the opportunity to update their phones depends on how quickly their carrier pushes out the patch.”]
Source: https://www.csoonline.com/article/2459445/android-users-warned-of-critical-vulnerability.html