While Facebook is in the hot waters for a series of cyberattacks, potentially exposing millions of users' personal info, Twitter is taking measures to protect its users before a vulnerability is exploited. Twitter has rolled out an important update to its Android users that patches a dangerous flaw putting millions of users at risk.
In a blog post on Friday, Twitter discovered a flaw in its Android version of the app and users can prevent any malicious activity and protect their accounts by updating the app from Play Store. Affected users are being notified from the app or by email, asking them to take certain steps to keep the accounts safe.
"These instructions vary based on what versions of Android and Twitter for Android people are using. We recommend that people follow these instructions as soon as possible. If you are unsure about what to do, update to the latest version of Twitter for Android," Twitter said in a post.
Twitter also assures its iOS users that they needn't be worried as the flaw doesn't affect Twitter for iOS.
What are the risks?
Twitter said it discovered a flaw in the Android version of the app that could allow hackers to see non-public account information or worse - control the account. In case the flaw is exploited by the bad actors, they could send tweets, Direct Messages, protected tweets and share location information pretending to be the account holder.
Twitter says hackers could insert malicious code into the restricted storage areas of the Twitter for Android app to gain control of the account. But there is no need to be alarmed by the notification. Twitter suggests it found no evidence of the flaw being exploited, but the security fix guarantees users' safety.
Extra precautions
In addition to updating the app, Twitter users could also fill out the Office of Data Protection's form and a comprehensive report of how safe your account is will be sent across. Even though Twitter hasn't advised changing passwords of the accounts, it is a good practice to update old passwords and make sure you do not reuse the same password for multiple accounts.
To further strengthen the security of your account, two-factor authentication must be enabled.
