Since last week, a known "master key" security hole plagued 99% of all Android devices. Many folks were justifiably wondering how Google would respond to the security leak. It turns out rather than wasting time with a response, they just fixed it and then let everyone know. That's an impressive way to take care of things. No monkeying around with PR nonsense, just fix it and move on. Now the ball is in the court of the hardware OEM to push the patch out as quickly as possible. Here's a quote with a few more details,

Gina Scigliano, Google's Android Communications Manager, said that while Google didn't have a statement, she could "confirm that a patch has been provided to our partners - some OEMs, like Samsung, are already shipping the fix to the Android devices."

Thus, Android users will, as they always have, need to reply upon their hardware vendors for this update.

They may not need to worry too much. Scigliano added, "We have not seen any evidence of exploitation in Google Play or other app stores via our security scanning tools. Google Play scans for this issue - and Verify Apps provides protection for Android users who download apps to their devices outside of Play."
Source: ZDNet