Marvellous, so 6 years later they're finally getting around to taking mobile security seriously. Too bad for the ~900 million buggy old webkits already in distribution.
Of course, this is entirely the fault of the carriers!
Is it too hopeful to think this might be a trial run at automatically upgrading other parts of the Android framework? (I still dream of a world where, when a feature like multiple selection is added to ListView, it's immediately usable on 99% of devices.)
Recently, they have been updating parts of Android through their Google Play Services app. I don't know enough about Android development to know if this webview is used much in the framework of the OS (especially with the new 4.4 out), but I think this is more for html5-based apps.
All those solutions to a problem that shouldn't have existed in the first place, aka carriers not giving a crap about their users, and not being able to deploy updates on time.
They are trying to solve political issues with technics. This may lead to interesting new technologies, but somehow i doubt that it will solve the issue completely one day.
This is really good in one way - security will not be at the mercy of laggard device vendors (though HTC has picked up lot of speed lately - they delivered 4.3 already on the One across multiple carriers and have promised 4.4 within 90 days.) and browser / WebView is one of the biggest attack vectors (considering many apps use WebView), which will be patched automatically just like any other app would be.
With this - we now have most of the important OS components updated via the Play Store -Keyboard, GMail, Play Services, Chrome, various other GApps etc. Technically they should also be able to ship the ART like that - but I am not holding my breath on that one!
Of course, this is entirely the fault of the carriers!