Microsoft has discovered a vulnerability in several Android apps that allows for code execution, affecting apps with over 500 million installations each. The vulnerability involves the lack of content validation when sharing files between apps, potentially leading to remote-code execution attacks. Google has issued new guidance for developers on how to address the issue
Xiaomi's File Manager with over 1 billion installations was among the affected apps, highlighting the widespread risk. Microsoft notified app vendors and shared its findings to prevent further exploitation. The vulnerability stems from Android's content provider feature, exploited by attackers sending malicious files to receiving apps. This could result in unauthorized access, token theft, or arbitrary code execution. The impact varies based on the app's implementation, with potential for severe consequences. Both Microsoft and Google have advised developers on mitigation strategies, while end users are encouraged to update apps from trusted sources to reduce the risk of compromise. ```https://www.darkreading.com/cloud-security/billions-android-devices-open-dirty-stream-attack