Epic and Google are Having a Row Over the Android Fortnite Launcher

Epic calls Google's decision to reveal a vulnerability in the Fortnite launcher "irresponsible."

News by Matt Kim, News Editor

Updated on 28 August 2018

Epic made waves when it announced that it will be releasing the mega popular Fortnite: Battle Royale Android version through its own launcher, ditching the Google Play Store. The launch would have been a success had it not been for the revelation that there was a serious security vulnerability in the Fortnite Android launcher that has since been patched. But it turns out Epic boss Tim Sweeney isn't too happy with the way Google revealed information about the security vulnerability.

It began last Friday when Google published a report regarding the Fortnite launcher for Android. Google's security team discovered a vulnerability in the launcher that could potentially allow unauthorized third-parties install apps to Android phones through the Fortnite launcher, without needing permission.

Epic decided to release a launcher instead of releasing Fortnite Battle Royale directly on the Google Play Store to avoid paying the 30 percent fee to Google on in-game purchases. A move Epic defends as necessary since Google's store tax cuts into funds that could be used towards development.

Fortnite Galaxy skin exclusive to Samsung Fortnite Android players.

Google disclosed to Epic the vulnerability on August 15 and has a policy to publicly disclose vulnerabilities seven days after the initial disclosure, so users can patch their apps in time. Epic however apparently wanted 90 days before Google publicly disclosed the vulnerability and called Google's decision "irresponsible."

In a series of tweets, Epic boss Tim Sweeney wrote, "We asked Google to hold the disclosure until the update was more widely installed. They refused, creating an unnecessary risk for Android users in order to score cheap PR points."

We asked Google to hold the disclosure until the update was more widely installed. They refused, creating an unnecessary risk for Android users in order to score cheap PR points.
— Tim Sweeney (@TimSweeneyEpic) August 25, 2018

Sweeney argues that since the launcher only updates when users run the launcher or game, 90 days is a bigger window for users to have a chance to open the launcher and have their software updated. With a smaller window, it becomes more vulnerable to hackers who learned about the hack through Google's public statement.

Fortnite has encountered problems with potential hacks before. Due to its large and young playerbase, Fortnite is often the lure used for scams, and Epic accounts are quite vulnerable to hacks. So much so Epic recently rewarded players for two-factor authenticating their Epic accounts with a free emote.

Fortnite Season 8 is well underway. We've got all the info, including the Fortnite Week 3 Challenges. We've also got The Fortnite Expedition Outpost Locations.

Sometimes we include links to online retail stores. If you click on one and make a purchase we may receive a small commission. See our terms & conditions.

Matt Kim

News Editor

Matt Kim is a former freelance writer who's covered video games and digital media. He likes video games as spectacle and is easily distracted by bright lights or clever bits of dialogue. He also once wrote about personal finance, but that's neither here nor there.