Google is fixing a security flaw discovered by German researchers on Friday. Google will fix problems today over servers that won't be noticed by users.
Some Google account authentications were unencrypted, which could be hacked over open or public Wi-Fi networks, allowing hackers to get Google Calendar, Google Contacts, and Google Picasa account information. Early versions of Android used insecure http connections, while the newer fix connects via https connections.
In general, we suggest that you don't use public Wi-Fi networks for important or risky business, such as accessing your bank accounts on your computer or smartphone. The best way to access banking or confidential information is through https secure web addresses.
The problem does not exist in Android 2.3.4 Gingerbread. Google is still working on a fix for the Picassa vulnerability.
"Today we're starting to roll out a fix which addresses a potential
security flaw that could, under certain circumstances, allow a third
party access to data available in calendar and contacts. This fix
requires no action from users and will roll out globally over the next
few days."