But there is both good and bad news. The bad part is that the vulnerability enables eavesdropping and manipulation without the intrusion being noticed in the network. An attack of this type deceives the user that the information being sent is direct, but in fact may contain various types of manipulations – for example, malicious software.
The good news is that the vulnerability is not easy to exploit. It would take around a minute to attack a single user, which is not very practical for hackers who prefer to attack a larger group of users. In other words, this type of attack is more suitable if you are looking to hack a specific person.
Google has announced that the company’s engineers are well aware of the security hole and that they are “taking appropriate security measures”. After all, the bug is already patched in later versions of Linux and an Android patch will not be too long.