4 billion Android users who downloaded apps flagged by Microsoft need to take some actions to stay safe

22comments
4 billion Android users who downloaded apps flagged by Microsoft need to take some actions to stay safe
Microsoft has identified some popular apps downloaded by over 4 billion Android users that can put users at risk.

In a blog post published by the company, it has revealed that it discovered a vulnerability pattern in multiple Android applications that can give a cybercriminal full control over how an app behaves. In addition to that, it can even give threat actors access to a victim's account and sensitive info.

The vulnerability identified by Microsoft centers around the improper implementation of app isolation, which can allow a malicious app to trick another app into overwriting important files.

Microsoft notified application developers about the flaw after discovering it and worked with them to fix the problem. Two of the apps mentioned in the report include Xiami's File Manager, which was installed more than a billion times, and WPS Office, which was downloaded over 500 million times. The issues found in these apps were addressed in February and if you have them on your phone, you are advised to ensure that your device and apps are up to date.

If the app in question provides the option to connect to remote file shares using the FTP and SMB protocols, as is the case with Xiaomi's File Manager, the impact can extend beyond the victim's mobile device. That's why, users of Xiaomi's File Manager should ideally reset credentials and keep an eye out for any anomalous behavior.

Microsoft fears that the vulnerability may also be present in the apps it did not examine and hopes that its findings will encourage publishers to check their apps for similar issues and avoid introducing similar flaws into new apps or versions.

For Android users worried about vulnerabilities like this, Microsoft says that they should always have the latest version of apps running on their phones and only download apps from trusted sources.

Recommended Stories

Loading Comments...
FCC OKs Cingular\'s purchase of AT&T Wireless