Based on source website:
“The JavaScript v8 flaw allowed The researcher to install an arbitrary application (he installed a BMX Bike game) on the targeted smartphone without requiring any user interaction. The attacker just needs to trick victims into visiting a bogus website he set up to compromise the device.”
“it exploits the flaw in the JavaScript engine in Chrome this mean it could potentially affect all Android versions with the latest version of the Google browser installed.”