Microsoft Discovers New Android Security Flaw Affecting Over 4 Billion Downloads - 1

Microsoft Discovers New Android Security Flaw Affecting Over 4 Billion Downloads

  • Written by Andrea Miliani Former Tech News Expert
  • Fact-Checked by

Microsoft warns Android users and developers about a vulnerability pattern found in multiple Android apps in the Google Play Store. The vulnerability potentially affects over 4 billion installations worldwide, as announced in a recent report .

Among the apps affected, Microsoft disclosed two of the largest: WPS Office, with over 500 million installs, and Xiaomi Inc.’s File Manager, with over 1 billion installs. The two companies were informed in February this year and have since fixed the issue.

The report recognizes that many other apps, accounting for more than 500 million installations, could be affected, but none are named specifically.

This security breach termed a “Dirty Stream” attack, has been identified in a content provider component that allows apps to share information. The flaw in the component places apps at risk because malicious actors can take control of the app and access user tokens. As explained by Microsoft experts in the May 1 announcement, the consequences can vary and depend on how the applications implement the component.

Google, in collaboration with Microsoft, exposed this vulnerability and shared a security risk report on the Android Studio platform for developers, providing more information and advice on how to avoid future vulnerabilities and fix current ones.

Microsoft’s announcement acts not only as a warning to the potential billions of people who may be affected but also as an invitation to other big tech companies and app developers to work together in order to provide better app security across the industry. Microsoft’s statement reads that it not only provides guidance to app users and developers but also intends “to illustrate the importance of collaboration to improve security for all”.

Microsoft’s report also provides guidance for Android users, the biggest suggestion being to make sure the latest versions of apps are currently installed.

It also shares practical examples of the issue, using a case study involving Xiaomi Inc.’s File Manager as a reference. It explains how a malicious app could behave in severe scenarios: “Besides having full access to the device’s external storage, the application requests many permissions, including the ability to install other applications.”

All that said, and as Forbes also confirms, there’s nothing users can do other than to stay informed, keep their apps up to date, and follow Microsoft’s recommendations: “Users should only install applications from trusted sources to avoid potentially malicious applications.”

Bitcoin Dips Below $57,000 Amid Crypto Market Turbulence - 2

Bitcoin Dips Below $57,000 Amid Crypto Market Turbulence

  • Written by Shipra Sanganeria Cybersecurity & Tech Writer
  • Fact-Checked by

Bitcoin (BTC) slid by over 6% to trade just below $57,000 on May 1, ahead of an interest rate announcement by the US Federal Reserve scheduled for the same day. The fall was in line with the broader crypto market, with major altcoins like Ethereum (ETH) also registering a decline. ETH was down by almost 6%, trading just below $2,900, according to Coingecko .

Bitcoin’s performance on May 1st marked one of its poorest showings since November 2022, following the notable decline observed last month. The world’s most valued crypto fell by almost 16% in April, as investors capitalized on gains from a previous rally that had pushed the coin’s value over $70,000.

The value of Bitcoin is currently 22% below March’s record of $73,803, which technically places the crypto in a bear market. However, Bitcoin has still registered an increase of 35% year-to-date and doubled in value when compared to the same time last year. This increase can be attributed to the billions of dollars flowing into the newly established Exchange-Traded Funds (ETFs) since January.

“The recent downtrend can be attributed to increased profit-taking by investors who entered the market during the downturns of 2022 and 2023, as well as ETF investors who witnessed significant price appreciation on their shares after entering the market in the early weeks of 2024” Fineqia research analyst Matteo Greco said to Reuters in a statement.

The decline in crypto also affected related stocks in US pre-market trading. Shares of major crypto exchanges like Coinbase, as well as crypto mining companies like Riot and Marathon Digital, also registered a decline of over 4%.

Growing belief over the Fed maintaining a steady interest rate throughout the year had investors pulling funds out of risk-sensitive assets like cryptocurrencies. However, the decline was momentary as the wider crypto market registered a rebound after the Federal Open Market Committee (FOMC)’s interest rate decision.