Good news: MDL-50613 has now been fixed in Moodle 2.8.9 and 2.9.3 (due for release on 9 November 2015), meaning when mobile web services are enabled the security overview report no longer shows the default role for all users with status 'Critical'.
Roles and permissions
Critical security issue with default role for all users
This discussion has been locked so you can no longer reply to it.