Google has issued a fix for an Android security hole that could potentially allow attackers to convert almost any Android app into malware, ZDnet reports.
The vulnerability, discovered by Bluebox Security, has actually existed for a while, dating as far back as Android 1.6.
Google has released a fix to its OEM partners, not directly to users, which means regular users must wait until their phone manufacturers release an official software patch.
Google's Android Communications Manager Gina Scigliano said users shouldn't panic. "We have not seen any evidence of exploitation in Google Play or other app stores via our security scanning tools," she said. "Google Play scans for this issue -- and Verify Apps provides protection for Android users who download apps to their devices outside of Play."