Microsoft uncovers a security flaw impacting Android apps with billions of combined downloads

Android logo on smartphone stock photo (8)

Edgar Cervantes / Android Authority


  • Microsoft has uncovered a safety vulnerability affecting Android apps named “Soiled Stream.”
  • This might enable attackers to execute malicious code inside well-liked apps, doubtlessly resulting in knowledge theft.
  • The flaw is widespread, with Microsoft figuring out weak apps which have billions of mixed installations.

Microsoft has dropped at gentle a important safety loophole, doubtlessly affecting numerous Android purposes. Dubbed “Soiled Stream,” this vulnerability presents a severe risk that might grant somebody the power to take management of apps and steal useful consumer data. (h/t: Bleeping Laptop)

The guts of the “Soiled Stream” vulnerability lies within the potential for malicious Android apps to govern and abuse Android’s content material supplier system. This method is often designed to facilitate safe knowledge alternate between totally different purposes on a tool. It contains safeguards akin to strict isolation of knowledge, using permissions connected to particular URIs (Uniform Useful resource Identifiers), and thorough validation of file paths to beat back unauthorized entry.

Nevertheless, careless implementation of this method can open the door to exploitation. Microsoft’s researchers discovered that incorrect use of “customized intents” — the messaging system that enables Android app elements to speak — can expose delicate areas of an app. For instance, weak apps could fail to adequately verify file names or paths, granting a malicious app the prospect to sneak in dangerous code camouflaged as professional recordsdata.

What’s the risk?

By exploiting the Soiled Stream flaw, an attacker may trick a weak app into overwriting important recordsdata inside its personal cupboard space. Such an assault state of affairs may consequence within the attacker seizing whole management over the app’s conduct, gaining unauthorized entry to delicate consumer knowledge, or intercepting personal login data.

Microsoft’s investigation revealed that this vulnerability will not be an remoted challenge, because the analysis discovered incorrect implementations of the content material supplier system prevalent throughout many well-liked Android apps. Two notable examples are Xiaomi’s File Supervisor utility, which has over one billion installations, and WPS Workplace, which boasts about 500 million installs.

Microsoft researcher Dimitrios Valsamaras emphasised the staggering variety of gadgets in danger, stating, “We recognized a number of weak purposes within the Google Play Retailer that represented over 4 billion installations.”

Microsoft has proactively shared its discoveries, alerting builders of doubtless weak apps and collaborating with them to deploy fixes. Each corporations talked about above have promptly acknowledged the recognized points of their software program.

Moreover, Google has taken steps to stop related vulnerabilities sooner or later by updating its app safety pointers, now inserting further emphasis on exploitable widespread content material supplier design flaws.

What can Android customers do?

Whereas builders scramble to seek out and patch weak apps, Android customers can take some easy precautions. Staying vigilant with app updates is essential, as builders will doubtless be issuing fixes quickly.

Moreover, it’s advisable to at all times obtain purposes from the official Google Play Retailer and be extremely cautious when downloading from unofficial sources, which usually tend to harbor malicious apps.

Received a tip? Speak to us! E-mail our workers at You’ll be able to keep nameless or get credit score for the information, it is your selection.

You would possibly like

We use cookies to enable site functionality and collect data about user interactions. By clicking Accept, you agree to our use for advertising, analytics, and support.