A vulnerability present in most Android devices allows apps to initiate unauthorized phone calls, disrupt ongoing calls and execute special codes that can trigger other rogue actions. The flaw was found and reported to Google late last year by researchers from Berlin-based security consultancy firm Curesec, who believe it was first introduced in Android version 4.1.x, also known as Jelly Bean. The vulnerability appears to have been fixed in Android 4.4.4, released on June 19.