Chamsalot wrote: anything we can do in the interim to mitigate the risk? THANK YOU!

As the SC Magazine app states - "The malware-laced app is then distributed in any number of ways – slipped into a public app store, sent as an email attachment or a link in a SMS message, or placed on a public website – for the user to download and install... Forristal suggested only downloading apps from trusted sources to prevent being compromised."

Get your apps from the Google play store - be very suspicious of apps in email or text message links, or on websites.  I realize many of us get texts, emails, etc from various companies with links to apps.  I do some publicity, and build websites where mobile app links are given ... so maybe no one will click those links anymore, but they CAN go to the app store and search and find the app that way. 

And if 4.4.x is available for your device, download it and install it, since this vulnerability is only present in 4.3 and below.

My Droid Razr Maxx (Not HD) is stuck on 4.1.2, last updated in November 2013.   Since there is a security patch, that has been available since April, I would like to see Verizon distribute it for my phone ASAP. 

Additionally; I don't understand why KitKat is not being distributed for the original Droid Razr phones.  Android states that it was built to improve performance on low budget phones so it should be great for these 2 year old Motorola phones.  Yet the Verizon representatives I have spoken with stated that it did not perform up to their standards when they tested it.   I said release it and let me be the judge of that.

As long as you have the box unchecked on your phone that allows unknown sources to install apps, you are fine.  The phone itself will stop anything from installing that does NOT come from Google Play with this box unchecked.  It is in the Security Tab under settings