Google tried to assuage fears over the "Stagefright" bug on Wednesday by announcing software updates to Android phones and software.
Last week, security firm Zimperium announced that it discovered Stagefright, a flaw in Android devices that exposed them to malware from messages containing infected video. In some cases, simply receiving or previewing a message without even opening it was enough to let hackers take over a phone — a bug that Zimperium said could "critically expose" 95 percent of Android devices.
On Wednesday, Google told NBC News in an email that 90 percent of Android devices were actually protected with a programming technique called "address space layout randomization" (ASLR).
The company also said that the next release of Messenger — the default messaging app for many Android phones — was getting an update that would force users to click on videos to play them, preventing the bug from infecting devices through previews.
The announcements came as Adrian Ludwig, Google's lead engineer for Android security, gave a speech at the Black Hat security conference in Las Vegas outlining the company's fix.
Google started pushing a fix to Nexus devices on Wednesday. After that, Nexus owners can expect regular security updates every month. Other popular Android devices from manufacturers such as Samsung, HTC, LG and Sony will get the same protection against Stagefright sometime in August.