Ars Technica:

Handsets running version 4.1.1 of Google’s mobile operating system are vulnerable to attacks that might pluck passwords, the contents of personal messages, and other private information out of device memory, a company official warned on Friday.

Android and iOS each have their own merits. Security, however, is not one of Android’s.