- Reaction score
- 1,701
Billions of Android devices open to ‘Dirty Stream’ vulnerability
Microsoft is sounding the alarm about a recently discovered critical security vulnerability on Android named "Dirty Stream" that can let malicious apps easily hijack legitimate apps. Worse still, this flaw impacts multiple apps with hundreds of millions of installs. If you have one of the best Android phones, here's what you need to know to protect your data.
The vulnerability relates to the ContentProvider system prevalent across many popular Android apps, which manages access to structured data sets meant to be shared between different applications. It's basically what lets your Android apps talk to one another and share files. To protect users and ward off unauthorized access, the system includes safeguards such as strict isolation of data, unique permissions attached to specific URIs (Uniform Resource Identifiers), and path validation security.
According to Microsoft's alert, two vulnerable apps that have since been patched include Xiaomi Inc.’s File Manager (1B+ installs) and WPS Office (500M+ installs).
Microsoft is sounding the alarm about a recently discovered critical security vulnerability on Android named "Dirty Stream" that can let malicious apps easily hijack legitimate apps. Worse still, this flaw impacts multiple apps with hundreds of millions of installs. If you have one of the best Android phones, here's what you need to know to protect your data.
The vulnerability relates to the ContentProvider system prevalent across many popular Android apps, which manages access to structured data sets meant to be shared between different applications. It's basically what lets your Android apps talk to one another and share files. To protect users and ward off unauthorized access, the system includes safeguards such as strict isolation of data, unique permissions attached to specific URIs (Uniform Resource Identifiers), and path validation security.
According to Microsoft's alert, two vulnerable apps that have since been patched include Xiaomi Inc.’s File Manager (1B+ installs) and WPS Office (500M+ installs).
New Android security flaw lets hackers seize control of apps — how to stay safe
Billions of Android devices open to ‘Dirty Stream’ vulnerability
www.tomsguide.com