Twitter has discovered a security vulnerability for the Twitter Android app and is emailing users advising them to update immediately. The email includes a link to the security advisory as well.
As you can see from the email and the blog post linked above, not much information is given. Twitter states that ” a complicated process involving the insertion of malicious code into restricted storage areas of the Twitter app, it may have been possible for a bad actor to access information (e.g., Direct Messages, protected Tweets, location information) from the app.”
The company continues by stating that they have “no evidence” that code was inserted in to the app or any Twitter Android users were affected by the vulnerability. Still, if it’s a vulnerability they’ve discovered and patched, you’ll definitely want to update as soon as possible.
While vulnerabilities are something we can’t seem to get away from, all too often, fixes are rolled out on the down-low and only months later are revealed. It’s refreshing to see a company reach out and be proactive in advising users to update instead of just letting the update process happen naturally.
So, on that note, if you are running the Twitter Android app on your smartphone, you’ll want to update it through the Google Play Store or the Play Store app on your device. If you are using Twitter for iOS, the company indicated that you were not impacted by the vulnerability so updating is not required.