Google rushes out emergency fix for Android rooting exploit but most phones remain at risk
http://www.zdnet.com/article/google-rushes-out-emergency-fix-for-android-rooting-exploit-but-most-phones-remain-at-risk/
Google is trying to stamp out rooting apps that exploit an unpatched Linux kernel bug affecting all Android devices.
Google can't patch the vast majority of Android devices but it has judged that a number of rooting apps are dangerous enough to warrant an unscheduled patch for its own Nexus products.
According to an advisory on Friday, the unnamed rooting apps, which are available in Google Play and outside its app store, could lead to a "local permanent device compromise". Repairing the device would require reflashing the operating system.
Google was planning to patch the issue in an upcoming scheduled monthly update but pushed it forward after researchers at security firm Zimperium reported last week that the bug had been abused on a Nexus 5. Google then confirmed that a publicly available rooting app could also compromise the Nexus 6.
more at link