‘Billions of Android Devices Vulnerable to ‘Dirty Stream’ Cyber Attack’

Published:

spot_img

Critical Security Vulnerabilities Discovered in Popular Android Apps by Microsoft Researchers

Billions of Android Installations at Risk of Compromise Due to Security Weakness

Researchers from Microsoft have uncovered a major security flaw in several Android applications, putting billions of installations at risk of compromise. The vulnerability allows for remote-code execution attacks, token theft, and other issues due to a common security weakness.

The affected apps include popular ones with over 500 million installations each, such as Xiaomi Inc.’s File Manager and WPS Office. Microsoft alerted Google’s Android security research team about the problem, leading Google to release new guidance for Android app developers on how to recognize and address the issue.

According to Microsoft, the flaw stems from Android apps sharing files with other applications using a feature called “content provider.” This feature acts as an interface for managing and exposing an app’s data to other installed applications, but it lacks proper content validation procedures. This oversight allows attackers to send files with malicious filenames to receiving apps, potentially leading to unauthorized access and compromise.

Microsoft has urged app vendors to review their products for similar vulnerabilities and take necessary steps to fix them. Both Microsoft and Google have provided recommendations for developers to prevent such security risks. In the meantime, users can protect themselves by updating their apps regularly and downloading only from trusted sources.

spot_img

Related articles

Recent articles

Haryana Cyber Policing Achieves Unprecedented 31% Recovery Rate in Online Fraud Funds

Haryana Cyber Policing Achieves Unprecedented 31% Recovery Rate in Online Fraud Funds In a significant advancement in digital law enforcement, Haryana has reported a remarkable...

ADNOC Distribution Secures $1 Billion Agreement to Acquire Shell Downstream South Africa, Strengthening African Fuel Retail Presence

ADNOC Distribution Secures $1 Billion Agreement to Acquire Shell Downstream South Africa, Strengthening African Fuel Retail Presence In a significant move to expand its international...

People, Not Technology, Shape the Future of AI Projects, Asserts NCST Official

People, Not Technology, Shape the Future of AI Projects, Asserts NCST Official Artificial intelligence (AI) has become a focal point in boardrooms across the Middle...

Transforming Risk Management: A Shift Towards Business Alignment

Transforming Risk Management: A Shift Towards Business Alignment In the realm of cybersecurity, the challenge of effectively managing risk is akin to the dilemma faced...