IBM discovers Android serialization vulnerability allows arbitrary code execution

In the latest security issue to plague Android, IBM has discovered a vulnerability in Android and some third-party SDKs that allows malicious code to elevate its privileges to the system user.