Security News > 2020 > August > Twitter Fixes High-Severity Flaw Affecting Android Users

Twitter has fixed a vulnerability in its Android app, which could have enabled attackers to access private Twitter data, like direct messages on Android devices.

The flaw is related to an underlying Android operating system security issue, which affects operating system versions 8 and 9, said Twitter.

From there, "This vulnerability could allow an attacker, through a malicious app installed on your device, to access private Twitter data on your device by working around Android system permissions that protect against this," said Twitter in a Wednesday post.

Twitter said that 96 percent of Android users with the Twitter app already have an Android security patch installed, which protects them from this vulnerability - but the remaining 4 percent of Twitter for Android users were still affected.

Twitter for its part said moving forward, it has updated Twitter for Android to make sure that external apps can't access Twitter in-app data by adding extra safety precautions beyond standard OS protections; requiring anyone impacted to update Twitter for Android and sending in-app notices to everyone who could have been vulnerable.

News URL

https://threatpost.com/twitter-fixes-high-severity-flaw-affecting-android-users/158060/