IE 11 is not supported. For an optimal experience visit our site on another browser.

Google acts fast to fix Android data leak

Google is taking quick steps to fix a flaw that endangers the security of more than 99 percent of its Android smartphone customers.
/ Source: SecurityNewsDaily

Google is taking quick steps to fix a flaw that endangers the privacy and security of more than 99 percent of its Android smartphone customers.

The fix addresses a vulnerability, discovered by German researchers earlier this week, that leaves the secret account credentials of 99.7 percent of Android phones unprotected and open to theft.

The flaw lurks in ClientLogin, a Google authentication protocol that verifies communication between Android phones and Google apps such as Google Calendar and Google Contacts, as well as third-party apps such as Facebook.

"We're starting to roll out a fix which addresses a potential security flaw that could, under certain circumstances, allow a third party access to data available in calendar and contacts," Google said in a statement yesterday (May 18), the BBC reported.

"This fix requires no action from users and will roll out globally over the next few days."