Recently came across an article Android security threat which states that 99% of the Android app are prone to take over, as a result of which the code can be altered without changing the cryptographic app signature. The vulnerability revolves around the way Android apps are verified and installed. Although as per Google they haven seen any such breach but Bluebox claims that this threat was present since Android 1.6 version.
Nothing to fear because Google came up with a fix for this and has release it to some Original Equipment Manufacturers(OEMs) like Samsung and HTC. This will be provided by the vendors as an update to the device Fix to OEM .
But the patch that is or will be provided may not be made available to all devices. Like Samsung S which quite old and updates have stopped coming for it. In such case it would be good to keep the option of download from Unknown sources disabled.