AVG Security expert reported a critical vulnerability in Android’s WebView feature that allows an attacker to install malicious software, send SMSs, steal personal information and more. Users can be infected when they click on a URL link using a vulnerable application that allows opening a Java enabled browser or web page. Users are advised to upgrade to Android 4.2 or higher and download applications only from Google Play. All the applications running on Android. 4.1 or older could perform malicious tasks and users should upgrade.
Source: https://thehackernews.com/2013/09/android-webview-vulnerability-allows.html