We reported yesterday how 99% of Android handsets are vulnerable to impersonation attacks. Well, it seems that a fix is currently being rolled out for all affected users.
The flaw potentially could enable attackers to hijack tokens used to access calendars, contacts and a number of other services available within Google’s Android operating system.
A Google spokesperson told computerworld that the flaw, which had only recently been identified by a team of German researchers, was being fixed and a server-side patch was being rolled out that addresses the problem for all versions of Android OS.
The official Google statement read:
“Today we’re starting to roll out a fix which addresses a potential security flaw that could, under certain circumstances, allow a third party access to data available in calendar and contacts. This fix requires no action from users and will roll out globally over the next few days.”