Google has get rid of a hole that, allowed someone to snoop on an unencrypted Wi-Fi network and access calendar and contact data on the smartphones.
Today we’re starting to roll out a fix which addresses a potential security flaw that could, under certain circumstances, allow a third-party access to data available in Calendar and Contacts,”
“This fix requires no action from users and will roll out globally over the next few days.” – Google said.
This fix, will force the Android users to connect to the Calendar and Contat servers by HTTPS. So if someone, that is connected to an unsecured wireless network, won’t be able to get the tokens from the OS to validate devices.
The latest release of Android did not have this problem. But more than 90% of the users are using older versions, that is why Google made the fix.
More information can be found here.