The leader of the firm behind the hit game Fortnite has accused Google of being “irresponsible” in the way it revealed a flaw affecting the Android version of the title.
On Friday, Google made public that hackers could hijack the game’s installation software to load malware.
The installer is needed because Epic Games has bypassed Google’s app store to avoid giving it a cut of sales.
Epic’s chief executive said Google should have delayed sharing the news.
“We asked Google to hold the disclosure until the update was more widely installed,” tweeted Tim Sweeney.
“They refused, creating an unnecessary risk for Android users in order to score cheap PR points.”
“We would like to request the full 90 days before disclosing this issue so our users have time to patch their devices,” the games company added.
Google’s disclosure rules state that it reveals details of bugs to the public 90 days after reporting them to the developers responsible if they have not been tackled, but only waits one week after a patch is made “broadly available”.
As such, it rejected the request.
Mr Sweeney has said he is grateful that Google audited his firm’s software and notified it of the flaw.
But he denied suggestions that the tech giant had acted in users’ interests by refusing to keep the matter private until mid-November.
“Epic Games’ decision to bypass the Google app store shows that when security conflicts with commercial interests, often the commercial interests win but at the cost of the public’s safety online,” commented Professor Steven Murdoch, a security researcher at University College London.
“Security is no longer just the result of people making good technical decisions, but also that the complex commercial structures in place work for, and not against, better online security.”
In a separate development, Epic has announced an incentive for all Fortnite players to activate two-factor authentication to reduce the risk of their accounts being stolen.
This requires gamers to enter a code sent to their phone or email address in addition to their password when signing in.
Those that adopt the practice can use the game’s Boogiedown dance moves.