Android users who have “rooted” their smart­phones can down­load the ReKey app to patch the so-​​called Master Key vul­ner­a­bility, cyber­se­cu­rity firm Duo Secu­rity announced this week.

A research com­pany recently dis­cov­ered that Android apps could be mali­ciously tweaked without a user knowing. Such updates could allow a hacker to pull per­sonal data and files off the phone. Google has said it’s found no evi­dence of apps in the Google Play store taking advan­tage of the flaw.

But people who down­load things from other sources should con­sider down­loading ReKey or turning on the “Verify Apps” set­ting in the newest ver­sion of the Android oper­ating system. Duo Secu­rity part­nered with North­eastern Uni­ver­sity to create ReKey. Though Google also issued a patch, it’s up to device makers to offer it up to end-​​users. Third par­ties have stepped up in the meantime.

Read the article at Los Angeles Times →