Dirty Stream Vulnerability Alert: Millions of Android Users at Risk as Microsoft Warns of Malicious Code Execution and Data Theft

Microsoft has issued a warning about a vulnerability pattern found in popular Android applications that have been installed on over 4 billion devices. This vulnerability, named ‘Dirty Stream’, allows cybercriminals to execute malicious code and steal login tokens. Microsoft’s Threat Intelligence team discovered the vulnerability, which gives attackers full control of an application by executing arbitrary code. By stealing tokens, cybercriminals can gain access to user accounts and sensitive data.

The affected applications are widely used and can be found on the Google Play Store with billions of installations. Researchers began informing developers about this vulnerability in February, and updates have been released to address the issue. Examples of affected applications include Xiaomi File Manager and WPS Office, which have been successfully patched.

The vulnerability is located in the data and file exchange system on Android devices. The content provider system is used to exchange data between applications, but an incorrect implementation can introduce vulnerabilities. This allows malicious actors to bypass security measures and gain control over the application.

Microsoft is collaborating with Google to provide guidance for Android developers to recognize and avoid this vulnerability pattern. They recommend using the Android app security guide and the Android Lint tool to identify vulnerabilities. Users are advised to keep their applications and devices updated to protect against this vulnerability.