Yesterday we reported that there was a potential security flaw in HTC handsets. But today, that 'potential' is now 'confirmed' after HTC undertook a swift investigation.If you missed it previously, the 'hole' is said to be a newly-introduced logging script, which will allow any app requesting internet access to your account information, GPS location, system logs and more. Essentially getting the lowdown on you and what you do, where you go etc. Not good news. If you don't do apps, it's not an issue, but if you download apps aplenty, a third party malware app could get in there and make mischief.With that in mind, the company has issued a new statement to clarift its position:HTC takes claims related to the security of our products very seriously. In our ongoing investigation into this recent claim, we have concluded that while this HTC software itself does no harm to customers' data, there is a vulnerability that could potentially be exploited by a malicious third-party application. A third party malware app exploiting this or any other vulnerability would potentially be acting in violation of civil and criminal laws. So far, we have not learned of any customers being affected in this way and would like to prevent it by making sure all customers are aware of this potential vulnerability.HTC is working very diligently to quickly release a security update that will resolve the issue on affected devices. Following a short testing period by our carrier partners, the patch will be sent over-the-air to customers, who will be notified to download and install it. We urge all users to install the update promptly. During this time, as always, we strongly urge customers to use caution when downloading, using, installing and updating applications from untrusted sources.So in short, avoid suspicious apps, look out for that patch and when offered it over-the-air, download it swiftly. Here's hoping that the 'testing period by our carrier partners' is indeed short and all is back to normal in a matter of days.