
Microsoft warns of ‘Dirty Stream’ security flaw impacting Android apps

Dirty Stream could allow malicious apps to execute code or steal data

Microsoft warned of a new Android security attack called ‘Dirty Stream’ that could allow malicious apps to overwrite files in another app’s home directory. The security flaw could allow arbitrary code execution and data theft.

According to Microsoft’s report, Dirty Stream stems from improper use of Android’s content provider system, which manages access to structured data sets intended to be shared between different apps. While the system incorporates various security measures to prevent unauthorized access, an incorrect implementation of ‘custom intents’ could bypass those measures.

Bleeping Computer describes custom intents as facilitating communication between components across Android apps. Dirty Stream could allow a malicious app to send a file with a manipulated filename or path to another app via a custom intent, misleading the target app into trusting the file. Once that’s done, the target app could execute the manipulated file or store it in a critical directory, leading to possible unauthorized code execution, data theft and more.
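The receiving-side check this implies, as an added example (not code from Microsoft, Google or any affected app): treat the file name supplied by the sending app as untrusted, keep only its last path component, and confirm the canonical result still sits directly inside a directory the receiver chose. The class name, method names and sample file names are assumptions made up for illustration, and plain `java.io` stands in for an app's cache directory so the example runs on any JVM.

```java
import java.io.File;
import java.io.IOException;
import java.io.InputStream;
import java.nio.file.Files;
import java.nio.file.StandardCopyOption;

// Added illustration; IncomingFileSaver is a hypothetical name.
public final class IncomingFileSaver {

    // Resolve an untrusted, sender-supplied file name to a location directly
    // inside baseDir, or throw if the result would land anywhere else.
    static File resolveInside(File baseDir, String untrustedName) throws IOException {
        if (untrustedName == null || untrustedName.isEmpty()) {
            throw new IOException("missing file name");
        }
        // Keep only the last path component: drops "../" chains and absolute paths.
        String leaf = new File(untrustedName.replace('\\', '/')).getName();
        if (leaf.isEmpty() || leaf.equals(".") || leaf.equals("..")) {
            throw new IOException("rejected file name: " + untrustedName);
        }
        File base = baseDir.getCanonicalFile();
        File target = new File(base, leaf).getCanonicalFile();
        // Canonicalisation resolves symlinks and dot segments; the result must
        // still be a direct child of the directory chosen by the receiver.
        if (!base.equals(target.getParentFile())) {
            throw new IOException("path escapes " + base + ": " + untrustedName);
        }
        return target;
    }

    static File save(File baseDir, String untrustedName, InputStream data) throws IOException {
        File target = resolveInside(baseDir, untrustedName);
        Files.copy(data, target.toPath(), StandardCopyOption.REPLACE_EXISTING);
        return target;
    }

    public static void main(String[] args) throws IOException {
        File inbox = Files.createTempDirectory("inbox").toFile(); // stands in for a cache directory
        // Constructed sample names, as a sending app might report them.
        String[] names = {"report.pdf", "../../files/config.xml", "/tmp/elsewhere/lib.so", ".."};
        for (String n : names) {
            try {
                System.out.println(n + " -> " + resolveInside(inbox, n));
            } catch (IOException e) {
                System.out.println(n + " -> " + e.getMessage());
            }
        }
    }
}
```

Names that carry directory components are reduced to their final component and stored inside the inbox directory, while `..` and names that resolve through a symlink to another location are rejected.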

The bad news is that, according to Microsoft researchers, incorrect content provider system implementations are abundant, impacting apps with a total of over 4 billion installs. At least four of those apps had over 500 million installs each. Microsoft highlighted two example apps with large installation bases: Xiaomi’s File Manager (over 1 billion installs) and WPS Office (over 500 million installs).

Microsoft noted that both companies were responsive to its findings, and each published an update addressing the security flaw.

Bleeping Computer reports that Google also updated its app security guidance to highlight common content provider system implementation errors. Google also published an article on the Android Developers website about Microsoft’s findings, in hopes that developers with vulnerable apps will publish updates to fix Dirty Stream.

As for users, there’s not a whole lot they can do about the security flaw. The biggest thing is to keep apps up to date to protect against security issues. Beyond that, users should be careful when installing apps, especially when they go to sources outside the Play Store that may not properly vet apps for security issues.

Source: Microsoft Via: Bleeping Computer
