Twitter warned many Android users about a critical security vulnerability in its Twitter app that could allow hackers to access direct messages that are supposed to be private
The social media company said the flaw allowed threat actors to view private user data "through a malicious app installed on your device" and by "bypassing the Android system permissions that prevent this that the threats were able to view private user data
Anyone who owns an Android phone running or used to run Android 8 Oreo or Android 9 Pie was presented with a pop-up notification about the flaw when they opened the Twitter app yesterday (August 5) For most, the threat has passed
In a blog post, Twitter said that 96% of Android users have already received an Android security patch or upgrade to fix the issue, while the remaining 4% are still vulnerable
"We recently discovered and fixed a vulnerability in Twitter for Android related to a fundamental Android OS security issue affecting OS versions 8 and 9," the blog stated
The security issue did not affect Android 7 Nougat or earlier or Android 10 Android versions 8 Oreo and 9 Pie were patched with a security update issued in October 2018, but the patch was installed There could still be millions of phones that have not, or may never receive it
According to Twitter, no one has taken advantage of the flaw to compromise user data
However, the company added that it "cannot be entirely certain" and thus outlined several steps to "keep the potentially vulnerable few safe"
The steps outlined by Twitter include:
Additionally, to "keep your data safe," users should "update to the latest version of Twitter for Android on all Android devices you use to access Twitter"
Twitter states that users must "update to the latest version of Twitter for Android on all Android devices used to access Twitter
Twitter stated that the vulnerability only affects certain Android users and does not affect those using Twitter on iOS or web browsers
Since social media accounts are a central target for hackers, the best way to stay safe is to keep your apps up to date, generate strong and unique passwords, set up two-factor authentication, and use the best antivirus solutions
Comments