You must log in or register to comment.
That’s why you don’t use android.
When your browser is tied to a “system update”, you can pretend to support old devices till the browser can’t run anymore.
On Android you can do that through the play services which can even implement some system security updates without making it a marketing PR release.
it’s an ImageIO vulnerability, not a bug that only works via a web browser.
Also, it’s way past the shelf life for that device and the manufacturer still fixed it.