American microblogging and social networking service Twitter said that it has already fixed a vulnerability in its app for Android. The vulnerability could have enabled a bad actor to view nonpublic account data or to take over the account and send tweets or direct messages. The company shared the news in a recent blog post.
According to Twitter, before the fix, exploiting the vulnerability could involve inserting malicious code into restricted storage areas of the Twitter app. It may have been possible for a bad actor to access restricted information such as protected tweets, location information from the app, and Direct Messages.
We recently fixed a vulnerability within our Android app. To keep your account safe, please update your app as soon as possible. The update is available here: https://t.co/ImcsssBt9b — Twitter Support (@TwitterSupport) December 20, 2019
"We don't have evidence that malicious code was inserted into the app or that this vulnerability was exploited, but we can't be completely sure, so we are taking extra caution," it shared in a recent blog post.
Twitter said it has taken the necessary steps and is currently informing users who might have been exposed to the vulnerability. Users are being notified by tweet or by email. Users were also given specific instructions on how to keep their accounts safe.
Twitter declined to comment on whether Indian Twitter users were also affected by the vulnerability. "We are not able to comment on the locations of those affected," the company said. Additionally, Twitter is asking users to update their app to the latest version of Twitter for Android.
The company also said that the vulnerability is isolated to Android users, which means iOS (Apple) users are not affected. "We're sorry this happened and will keep working to keep your information secure on Twitter. You can reach out to our Office of Data Protection through this form to request information regarding your account security," the company stated.
On Dec. 20, a Twitter Privacy Center post warned users that the company had discovered a vulnerability within Twitter for Android.
This vulnerability has already been fixed in the latest version of the app that was made available earlier this week on Google Play. If you’re having trouble installing the app, please see: https://t.co/HL8nqxAVrS — Twitter Support (@TwitterSupport) December 20, 2019
To provide more detail, this issue was fixed in Twitter for Android version 7.93.4 (released Nov. 4, 2019 for KitKat) as well as version 8.18 (released Oct. 21, 2019 for Lollipop and newer). Twitter for Android is no longer supported on Android OS versions older than KitKat. — Twitter Support (@TwitterSupport) December 20, 2019