A vulnerability pattern in various Android apps discovered by Microsoft's research team allowed malicious apps to manipulate files, affecting widely used apps with over 4 billion installations from the Google Play Store. Microsoft emphasized collaboration to address evolving threats, informing developers to check and fix similar vulnerabilities, with responsible disclosure leading to fixes by February 2024. Microsoft also partnered with Google to educate developers about preventing such vulnerabilities, detailing risks like executing arbitrary code and accessing sensitive credentials, illustrated through a case study involving Xiaomi's File Manager
https://www.infosecurity-magazine.com/news/android-flaw-apps-4-billion/