By
updated 5/19/2011 2:49:56 PM ET 2011-05-19T18:49:56

Google is taking quick steps to fix a flaw that endangers the privacy and security of more than 99 percent of its Android smartphone customers.

The fix addresses a vulnerability, discovered by German researchers earlier this week, that leaves the secret account credentials of 99.7 percent of Android phones unprotected and open to theft.

The flaw lurks in ClientLogin, a Google authentication protocol that verifies communication between Android phones and Google apps such as Google Calendar and Google Contacts, as well as third-party apps such as Facebook.

"We're starting to roll out a fix which addresses a potential security flaw that could, under certain circumstances, allow a third party access to data available in calendar and contacts," Google said in a statement yesterday (May 18), the BBC reported.

"This fix requires no action from users and will roll out globally over the next few days."

© 2012 SecurityNewsDaily. All rights reserved

Discuss:

Discussion comments

,

Most active discussions

  1. votes comments
  2. votes comments
  3. votes comments
  4. votes comments