Google is taking quick steps to fix a flaw that endangers the privacy and security of more than 99 percent of its Android smartphone customers.
The fix addresses a vulnerability, discovered by German researchers earlier this week, that leaves the secret account credentials of 99.7 percent of Android phones unprotected and open to theft.
The flaw lurks in ClientLogin, a Google authentication protocol that verifies communication between Android phones and Google apps such as Google Calendar and Google Contacts, as well as third-party apps such as Facebook.
"We're starting to roll out a fix which addresses a potential security flaw that could, under certain circumstances, allow a third party access to data available in calendar and contacts," Google said in a statement yesterday (May 18), the BBC reported.
"This fix requires no action from users and will roll out globally over the next few days."