Android users who have “rooted” their smartphones can download the ReKey app to patch the so-called Master Key vulnerability, cybersecurity firm Duo Security announced this week.
A research company recently discovered that Android apps could be maliciously tweaked without a user knowing. Such updates could allow a hacker to pull personal data and files off the phone. Google has said it’s found no evidence of apps in the Google Play store taking advantage of the flaw.
But people who download things from other sources should consider downloading ReKey or turning on the “Verify Apps” setting in the newest version of the Android operating system. Duo Security partnered with Northeastern University to create ReKey. Though Google also issued a patch, it’s up to device makers to offer it up to end-users. Third parties have stepped up in the meantime.