*insert Fortnite dance music*
Epic Games has recently had to patch Fortnite’s Android installer, as Google has found some vulnerabilities in the program. This is despite (or maybe because) the fact that Epic decided to forgo the Google Play Store in favor of a separate installer on Android.
The vulnerability allows intruders to download and install malware. Using a man-in-the-disk attack, a given hacker would use a flaw with the installer’s use of external storage to convince users to download a program to deal with the supposed problem. They’d then hijack the app, downloading what they want to the device.
According to Android Central, Epic delivered the patch within 48 hours of being notified of the problem. It isn’t known if anyone actually took advantage of the flaw, though. Epic, however, isn’t pleased with how Google handled the situation. They claim that Google irresponsibly unveiled the flaw publicly before notifying them, and claimed google “refused” to wait until more users had updated the installer. Google did follow their own policies in this manner, though there may be a few users that didn’t get the memo.