Hackers target widely used Android apps rich in user data to exploit a common path traversal vulnerability identified by Microsoft. The flaw enables malicious apps to overwrite files in a vulnerable app's directories, potentially leading to code execution and token theft. The Android OS enforces app isolation, but an insecure implementation of FileProvider can be exploited by malicious apps to bypass read and write restrictions, impacting apps that handle data shared by other apps. Microsoft identified several popular Android apps on the Google Play Store that contain this vulnerability, such as Xiaomi's File Manager and WPS Office, each with over 500 million installations.

 Path traversal vulnerability allows attackers to overwrite files in Android apps

Recommendations include handling filenames carefully, updating apps from trusted sources, and resetting credentials for users who accessed shares through vulnerable apps.
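One way a receiving app can handle a shared filename carefully, shown as an added example that is not code from the article or from Microsoft. It is plain Java without Android APIs so it runs on any JVM; the class name, method names and sample filenames are hypothetical.

```java
import java.io.ByteArrayInputStream;
import java.io.File;
import java.io.IOException;
import java.io.InputStream;
import java.nio.file.Files;
import java.nio.file.StandardCopyOption;

public class SharedFileCache {
    /** Map a sender-supplied display name to a file inside cacheDir, or throw. */
    static File resolveInside(File cacheDir, String untrustedName) throws IOException {
        if (untrustedName == null) throw new IOException("missing file name");
        // Keep only the last path component; directory parts from the sender are dropped.
        String leaf = new File(untrustedName).getName();
        if (leaf.isEmpty() || leaf.equals(".") || leaf.equals("..")) {
            throw new IOException("rejected file name");
        }
        File base = cacheDir.getCanonicalFile();
        // Canonicalisation resolves ".." and symlinks before the containment check.
        File target = new File(base, leaf).getCanonicalFile();
        if (!target.toPath().startsWith(base.toPath())) {
            throw new IOException("path escapes cache directory");
        }
        return target;
    }

    /** Copy the shared stream into cacheDir under the validated name. */
    static File cacheSharedStream(File cacheDir, String untrustedName, InputStream in)
            throws IOException {
        File target = resolveInside(cacheDir, untrustedName);
        Files.copy(in, target.toPath(), StandardCopyOption.REPLACE_EXISTING);
        return target;
    }

    public static void main(String[] args) throws IOException {
        File cache = Files.createTempDirectory("share-cache").toFile();
        // Constructed sample names, as a sending app might report them.
        String[] names = {"report.pdf", "../shared_prefs/settings.xml", "..", ""};
        for (String name : names) {
            try {
                InputStream data = new ByteArrayInputStream("demo".getBytes());
                File written = cacheSharedStream(cache, name, data);
                System.out.println("'" + name + "' -> " + written);
            } catch (IOException e) {
                System.out.println("'" + name + "' -> " + e.getMessage());
            }
        }
    }
}
```

A stricter variant ignores the sender's name entirely and stores the content under a name the receiving app generates itself.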
https://cybersecuritynews.com/path-traversal-android-apps-vulnerability/