Google discovered a critical vulnerability in the application Fortnite Installer. With the help of his Studio, Epic Games distributes the game Fortnite Mobile on Android smartphones.
The problem is the following: in order to get the game, the user must first download Fortnite Installer already downloads and installs the full version of Fortnite. However, the attack «Man-in-the-Disk», an attacker could replace the real game on any other app with all permissions, including giving out personal information.
Epic Games has released an operational update Fortnite Installer to version 2.1, but also asked Google not to publish details of the vulnerability within 90 days. However, the Corporation has published a detailed description in a week.
This led to the fact that the CEO of Epic Games Tim Sweeney released a statement in which not only thanked Google for «thorough security audit Fortnite», but said the company was «irresponsible» because «many installers have not been updated yet and was vulnerable.» Sweeney calls this move by Google is an attempt to reduce the credibility of Epic in response to the failure of the last distribution of the popular title via the Play store.
Initially, Fortnite Mobile was available as an exclusive for Samsung smartphones, now the game is available to all owners of Android-devices. For this you will need to register in the beta program.