Urgent warning to millions of Android users over security flaws in pre-installed apps that CAN’T be deleted
MILLIONS of Android users are being warned about security flaws in applications that come pre-installed on their phones.
The apps, which are typically difficult for the average user to delete from their phone, were recently found to have vulnerabilities that could have been exploited by attackers.
The vulnerabilities were detected by the Microsoft 365 Defender Research Team and reported on Microsoft’s security blog.
According to the research team, the vulnerabilities have now been fixed, but the weaknesses could have been susceptible to bad actors looking to get a hold of sensitive information.
Users have been warned that they should make sure their phones have the latest updates to make sure the fixes are applied.
Microsoft reported that the problems were contained in a mobile framework “used by multiple large mobile service providers in pre-installed Android System apps.”
Liabilities within the apps “potentially exposed users to remote (albeit complex) or local attacks”, Microsoft said.
The company says the problems were resolved through work with the mobile framework developer mce Systems and the mobile service providers impacted by the issue.
“We commend the quick and professional resolution from the mce Systems engineering teams, as well as the relevant providers in fixing each of these issues,” Microsoft said in its report.
“Collaboration among security researchers, software vendors, and the security community is important to continuously improve defenses for the larger ecosystem.”
As a result of the collaborative effort that successfully fixed the problem, the impacted users can keep using the apps without concern.
Microsoft’s detection of the Android system app vulnerabilities stemmed from general research into pre-installed applications.
The team says it wanted to “better understand” how mobile device security is impacted by these kind of apps.
Within the mce Systems framework, they detected an element that could have been exploited by attackers to remotely commander control over the device.
We pay for your stories!
Do you have a story for The US Sun team?
Denial of responsibility! planetcirculate is an automatic aggregator around the global media. All the content are available free on Internet. We have just arranged it in one platform for educational purpose only. In each content, the hyperlink to the primary source is specified. All trademarks belong to their rightful owners, all materials to their authors. If you are the owner of the content and do not want us to publish your materials on our website, please contact us by email – [email protected]. The content will be deleted within 24 hours.