Microsoft has issued a warning about a vulnerability pattern found in popular Android applications that have been installed on over 4 billion devices. This vulnerability, named ‘Dirty Stream’, allows cybercriminals to execute malicious code and steal login tokens. Microsoft’s Threat Intelligence team discovered the vulnerability, which gives attackers full control of an application by executing arbitrary code. By stealing tokens, cybercriminals can gain access to user accounts and sensitive data.
The affected applications are widely used and can be found on the Google Play Store with billions of installations. Researchers began informing developers about this vulnerability in February, and updates have been released to address the issue. Examples of affected applications include Xiaomi File Manager and WPS Office, which have been successfully patched.
The vulnerability is located in the data and file exchange system on Android devices. The content provider system is used to exchange data between applications, but an incorrect implementation can introduce vulnerabilities. This allows malicious actors to bypass security measures and gain control over the application.
Microsoft is collaborating with Google to provide guidance for Android developers to recognize and avoid this vulnerability pattern. They recommend using the Android app security guide and the Android Lint tool to identify vulnerabilities. Users are advised to keep their applications and devices updated to protect against this vulnerability.
McLaren’s Lando Norris is confident that the British team is now in a strong position…
As the summer season approaches, the Central Michigan District Health Department is reminding residents in…
After 24 years in business, Mara Hoffman has decided to take a break and pause…
Recently, three fifth-grade students from Pearl Creek Elementary traveled to NASA’s Jet Propulsion Laboratory in…
Currently, there are five quarterbacks who make over $50 million a season, and it is…
This afternoon at 1:45 p.m. CDT, the 2024 season of Professional Bull Riders (PBR) will…