Last week it was revealed that Fortnite's independent installer left Android phones vulnerable to 'hijacking'. Before you throw your phones out the window, however, know that the issue has been patched, but Epic's still not happy with Google for telling us.
Android Central revealed that Google had noticed a beefy issue with the Fortnite Installer. Essentially, when using the installer to download the Fortnite file, hackers could take advantage of this to get you to download anything.
Known as a 'man-in-the-disk' attack, any app could replace Fortnite after security checks, so you'd download that instead. There's also a chance it could agree to all asked permissions without you knowing and gain access to a lot of personal data.
As I said, the vulnerability did get fixed sharpish back on August 16th. However, Epic Games is questioning why Google denied its request to hold the information for 90 days - though Google's policy is to divulge the information seven days after an issue has been fixed.
"We asked Google to hold the disclosure until the update was more widely installed. They refused, creating an unnecessary risk for Android users in order to score cheap PR points." Tim Sweeny Tweeted.
Sure, there are plenty of fingers to point in different directions, but ultimately Google stuck to its guns and followed its policies. This just drives home that no matter the size of the company, there will always be a risk in using installers and downloading files outside of Google Play.
Plus, it's an issue many, many people were afraid would come to light. Though, I don't think anyone expected it to crop up so early.
What do you guys think? Did you see it coming or are you not surprised? Let us know in those comments below.