Minggu, 26 Agustus 2018

Google has already helped patch a serious flaw in Fortnite for Android

Epic Games has decided to release Fortnite for Android outside of the Google Play Store, presumably because it doesn't want to give Google a 30% cut of its revenue. The Fortnite installer has to be downloaded from the Fortnite website instead.

One of the potential problems that brings with it is security: apps outside the Google Play Store aren't subject to the same checks and scans as those inside it. Well, it turns out Google is still keeping an eye on Fortnite – it recently identified a security flaw in the Fortnite installer, which Epic Games has since patched and made safe.

The Fortnite installer grabs the main app and downloads it to a phone. The security flaw, however, allowed any other app on the device to intercept that request and substitute it for another – essentially installing a different app unbeknownst to the user or the installer.

Flaws for thought

Obviously that's quite a serious issue – and given the popularity of Fortnite it's probably one that hackers would've tried to exploit. Since Epic Games patched the problem, though, the installer is once again safe to use to get Fortnite downloaded to devices.

It would appear Epic isn't best pleased that Google made the issue public so early: "Epic genuinely appreciated Google's effort to perform an in-depth security audit of Fortnite," the company said in a statement. "However, it was irresponsible of Google to publicly disclose the technical details of the flaw so quickly."

It's unclear if the security issue was actually exploited by anyone, but if you want to be on the safe side, uninstall and reinstall Fortnite for Android and start again from scratch. Old, unpatched versions of the uninstaller will now no longer be allowed to run.

Via Android Central


August 26, 2018 at 10:30PM
David Nield

Tidak ada komentar:

Posting Komentar