Microsoft reveals critical security flaw affecting Android apps

Share post:

Microsoft has identified a serious vulnerability in Android apps that could allow malicious software to hijack legitimate apps and steal valuable user information. This flaw, named “Dirty Stream,” affects many popular apps with billions of combined downloads.

The “Dirty Stream” flaw takes advantage of Android’s content provider system, which is designed for secure data sharing between apps. However, incorrect implementation of the system can lead to exploitation, as attackers use “custom intents” to access sensitive areas of an app. For example, vulnerable apps might not properly validate file paths, allowing malicious code to be inserted.

Attackers exploiting the flaw could overwrite critical files in an app’s private storage, potentially gaining control over the app’s behaviour, accessing sensitive data, or intercepting login information. The flaw has been identified in popular apps like Xiaomi’s File Manager and WPS Office, affecting billions of installations.

Microsoft has notified developers of vulnerable apps, working with them to deploy fixes. Google has updated its app security guidelines to prevent similar vulnerabilities in the future.

Android users should stay vigilant with app updates and download apps only from official sources like the Google Play Store to minimize the risk of malicious apps.

 

SUBSCRIBE NOW

Related articles

Cyber Security Today, May 24, 2024 – A threat actor leverages Windows BitLocker in ransomware attacks, beware of ORB networks, and more

A threat actor leverages Windows BitLocker in ransomware attacks, beware of ORB networks, and more. Welcome to Cyber Security...

ChatGPT mobile mania: Why users are flocking to ChatGPT Plus

On the day OpenAI unveiled GPT-4o, ChatGPT's mobile app saw a staggering 22% spike in revenue, marking its...

Canada centralizing cybersecurity efforts of federal IT departments

Federal departments and agencies are making only marginal progress in improving their cyber maturity, Ottawa said Wednesday as...

Starlink’s evolution making it less “TCP/IP friendly”

The rapid evolution of Starlink's satellite internet presents significant challenges for traditional Transmission Control Protocol (TCP), according to...

Become a member

New, Relevant Tech Stories. Our article selection is done by industry professionals. Our writers summarize them to give you the key takeaways