An application that allows users to gain full control — root access — over their Android devices is taking advantage of a security flaw in the Linux kernel that has remained unpatched in Android since its discovery two years ago. The bug was originally fixed in April 2014, but wasn’t flagged as a vulnerability until February 2015. Google started working on a patch that was scheduled to be included in a future monthly update, but then on Mar 15 researchers from mobile security team Zimperium alerted the company that this vulnerability was already being used to root devices.”]