The FLP downgrader exploit was a clever abuse of Android’s versioning flexibility and a legacy component’s overprivileged nature. It highlights several important security lessons: