We posted a report earlier about a security issue in almost all Android embedded handsets which was identified by German Researchers. It seems that Google confirms that there is a loophole in the token passing system and say that they will be launching an update to fix this issue.
A Google spokesperson said that a server-side patch is being rolled out that addresses the problem for all versions of Android OS.
The official statement by Google read: “Today we’re starting to roll out a fix which addresses a potential security flaw that could, under certain circumstances, allow a third party access to data available in calendar and contacts. This fix requires no action from users and will roll out globally over the next few days.”