Interfaces are used to group together all the methods that a class promises to publicly expose. The implementing classes are obliged to provide concrete implementations for all these methods. Interfaces are a necessary ingredient of the public API and once released, it can be very hard to fix any flaws without breaking any code that implements the older version. By far, the The security specific repercussions include:
...
An alternative idea is to prefer abstract classes for dealing with constant evolution, but this comes at the cost of the loss of flexibility that interfaces offer (a class may implement multiple interfaces but extend only one class). One notable pattern is for the provider to distribute an abstract skeletal class that implements the evolving interface. The skeletal class can selectively implement a few methods and force the extending classes to provide concrete implementations of the others. If a new method is added to the interface, the skeletal class can provide a non-abstract default implementation that the extending class can optionally override. This pattern is dangerous because a provider is unaware of the extending class's code and may choose an implementation that introduce introduces security weaknesses in the client API.
...