Microsoft warns of "Dirty Stream" attack impacting Android apps
Microsoft warns of "Dirty Stream" attack impacting Android apps
Microsoft has identified a new security threat called "Dirty Stream" that affects Android apps. This vulnerability can let malicious apps overwrite files in another app's directory, leading to potential data theft and unauthorized code execution. The issue stems from improper use of Android’s content provider system, which can be exploited through custom intents and poor validation practices.
Several popular apps, including Xiaomi's File Manager and WPS Office, were found to be susceptible to this attack, impacting over four billion installations. Microsoft has informed the Android community and Google has updated its app security guidelines to address these vulnerabilities. Users are advised to keep their apps updated and avoid downloading from unofficial sources to protect against such threats.