Microsoft Warns of Serious Android Vulnerability Affecting Billions of Users

The Exploitable Security Flaw in Android Apps: ‘Dirty Stream’

Microsoft has issued a warning regarding a vulnerability that affects several popular Android applications with over 4 billion installations. This vulnerability allows cybercriminals to execute malicious code and steal login tokens from devices. Referred to as ‘Dirty Stream’, this vulnerability gives attackers full control over an application’s behavior and can result in access to user accounts and sensitive data.

Microsoft’s Threat Intelligence team uncovered this vulnerability, which was found in various Android apps available on the Google Play Store. The team started sharing their findings with developers of affected applications in February, and they have been working on updates to address the issue ever since.

One of the affected applications is Xiaomi File Manager, which had a vulnerability in version V1-210567. Xiaomi released an updated version, V1-210593, to fix this issue. Similarly, the WPS Office app had a vulnerability in version 16.8.1, which was addressed in version 17.0.0.

The vulnerability arises in Android’s data and file exchange system, which lets applications share information through a mechanism called a content provider. However, improper implementation of this mechanism can introduce vulnerabilities that allow malicious actors to execute arbitrary code and steal tokens, leading to access to sensitive data.

Microsoft is collaborating with Google to create guidelines for Android app developers that will help them prevent this type of vulnerability from occurring again in the future. They recommend using tools like Android Lint and GitHub’s CodeQL service to identify and address vulnerabilities before they can be exploited by attackers.
