Thursday, December 12, 2024
spot_img
More
    HomeLatest NewsMicrosoft Warns of "Dirty Stream" Attack in Popular Apps

    Microsoft Warns of “Dirty Stream” Attack in Popular Apps

    Windows developer Microsoft has alerted Android users to a serious privacy issue affecting several apps available on the Google Play Store. The flaw is quite dangerous since it can allow hackers to use the hacked apps to steal tokens, change files, and run random commands. The prospect that threat actors could take control of an application’s behaviour and exploit it to access sensitive user data and accounts without authorisation makes the situation even more severe.

    Also read: Tips to Avoid Mobile App Espionage

    The significance of rigorous app testing procedures and proactive steps to reduce the danger of exploitation is highlighted by this security breach. Microsoft’s alert highlights the urgent need for strong cybersecurity measures to protect against changing threats in the world of technology. It is a timely reminder for users to be cautious when engaging with mobile applications.

    Although Microsoft found the “Dirty Stream” vulnerability in several apps, two were named in particular:

    Xiaomi’s File Manager: Version V1-210567 of this program, which has over a billion installs, had a vulnerability. Xiaomi fixed the issue with a new version (V1-210593).

    WPS Office: This well-known office suite was also impacted by the vulnerability and has over 500 million installs. Like Xiaomi, WPS Office has addressed the problem with an update.

    Windows creator Microsoft alerted Android users to a security flaw in several Google Play Store apps.

    The vulnerability might allow an application to steal tokens, overwrite files, and run arbitrary instructions. A threat actor might be able to take over the behaviour of an app and obtain sensitive data and user accounts as a result of this execution. According to the Microsoft Security blog, over four billion downloads of the impacted apps occurred on the Google Play Store. WPS Office (500 million instals) and Xiaomi (nearly 1 billion instals in its File Manager) are among the developers who addressed bugs in their apps.

    The business warned that if the content provider component is not implemented correctly, vulnerabilities could be introduced, allowing users to get around read/write limitations in an application’s home directory. Simply put, the part that permits file sharing and interactivity between apps is impacted. “The malicious application can overwrite a native library with malicious code that gets executed when the library is loaded,” Microsoft added.

    The IT giant advised customers to update their mobile apps through reliable sources like the Google Play Store. 

    By doing this, consumers will be guaranteed to utilise the version with fixed vulnerabilities. Microsoft further stated that to prevent the installation of malicious software, users should not sideload or install apps from unknown sources. In addition to what Microsoft advises, you can safeguard yourself from dangerous apps and check for viruses by installing an antivirus program. Additionally, you need to upgrade your smartphone’s operating system and security patch. By doing this, you can ensure you receive the most recent security updates and bug fixes from Google and your smartphone manufacturer.

    Author

    RELATED ARTICLES

    LEAVE A REPLY

    Please enter your comment!
    Please enter your name here

    Most Popular

    spot_img
    spot_img