As many as 600 million phones vulnerable to remote code execution attack.

This vulnerability exists regardless of what keyboard a susceptible phone is configured to use. While SwiftKey is available as a third-party app for all Android phones, there’s no immediate indication they are vulnerable, since those updates are handled through the normal Google Play update mechanism.

For the time being, there’s little people with vulnerable phones can do to prevent attacks other than to avoid unsecured Wi-Fi networks. . There is no way to uninstall the underlying app, even when Galaxy owners use a different keyboard.