This goes to show that, as part of good cybersecurity hygiene, keeping software up to date, even if it is an app on an Android phone, is of utmost importance.
Earlier this month, Microsoft discovered a vulnerability pattern in Android applications that could enable overwriting files and allow remote code execution. This issue that could be leveraged by attackers has also been seen in the wild with several applications, but organizations have seemingly been quick to rectify the problems with Microsoft’s help. In any event, this goes to show that, as part of good cybersecurity hygiene, keeping software up to date, even if it is an app on an Android phone, is of utmost importance.
On May 1st, Microsoft posted a security blog post regarding what it calls the “Dirty Stream attack.” This attack hinges on a subsection of an application that enables file sharing between installed apps, which can be made malicious and used instead of the standard FileProvider class in the Android software development kit.
