Microsoft warns of ‘Dirty Stream’ security flaw impacting Android apps

Microsoft Issues Alert on ‘Dirty Stream’ Android Security Threat

Microsoft has identified a new Android security vulnerability known as the ‘Dirty Stream’ attack. The flaw could allow malicious applications to overwrite files within another app’s private directory, leading to unauthorized code execution and the theft of sensitive data.

The root of the ‘Dirty Stream’ issue lies in the misuse of Android’s content provider system, which is designed to manage and facilitate the sharing of structured data between different applications. Although the system has built-in safeguards against unauthorized access, Microsoft’s investigation found that incorrect implementation of ‘custom intents’ could sidestep them.

Custom intents, as explained by Bleeping Computer, are mechanisms that enable communication between components of various Android applications. Exploiting the ‘Dirty Stream’ vulnerability, a malicious app could send a file with a manipulated filename or path to an unsuspecting app via a custom intent, deceiving the recipient app into accepting the file and executing it or storing it in a sensitive directory. This could pave the way for unauthorized code execution, data theft, and other security compromises.
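The receiving-side check that the paragraph above implies, as an added example (not code from Microsoft, Google or any affected app): the name supplied by the sending app is reduced to its last path segment and the resulting destination is verified to stay inside the intended directory. The class and method names are hypothetical, and plain `java.io` is used with a temporary directory standing in for the app's private cache directory so the code runs on any JVM.

```java
import java.io.File;
import java.io.IOException;

public class SharedFileTarget {

    // Weak pattern: the name supplied by the sending app is used as-is,
    // so "../" segments in it decide where the file lands.
    static File naiveTarget(File cacheDir, String suppliedName) {
        return new File(cacheDir, suppliedName);
    }

    // Hardened pattern: keep only the last path segment, then confirm the
    // canonical destination is still inside the intended directory.
    static File safeTarget(File cacheDir, String suppliedName) throws IOException {
        if (suppliedName == null) {
            throw new IOException("no file name supplied");
        }
        String base = new File(suppliedName).getName();
        if (base.isEmpty() || base.equals(".") || base.equals("..")) {
            throw new IOException("unusable file name: " + suppliedName);
        }
        File target = new File(cacheDir, base);
        String root = cacheDir.getCanonicalPath() + File.separator;
        if (!target.getCanonicalPath().startsWith(root)) {
            throw new IOException("destination escapes " + cacheDir);
        }
        return target;
    }

    public static void main(String[] args) throws IOException {
        // Constructed stand-in for an app's private cache directory.
        File cacheDir = new File(System.getProperty("java.io.tmpdir"), "demo.app/cache");
        // Constructed sample names, as a sending app might report them.
        String[] names = {"report.pdf", "../shared_prefs/settings.xml", ".."};
        for (String name : names) {
            System.out.println("supplied: " + name);
            System.out.println("  naive -> " + naiveTarget(cacheDir, name).getCanonicalPath());
            try {
                System.out.println("  safe  -> " + safeTarget(cacheDir, name).getCanonicalPath());
            } catch (IOException e) {
                System.out.println("  safe  -> rejected (" + e.getMessage() + ")");
            }
        }
    }
}
```

For the second sample name the naive destination resolves outside the cache directory, while the hardened one stays inside it as `settings.xml`; ignoring the supplied name entirely and generating a fresh one is an equally valid choice.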

Microsoft’s researchers have pointed out that flawed implementations of the content provider system are widespread, affecting applications that cumulatively boast over 4 billion installations. Notably, at least four of these applications have been downloaded more than 500 million times each. Microsoft cited two prominent examples with extensive user bases: Xiaomi’s File Manager, with over 1 billion installations, and WPS Office, which has been installed over 500 million times.

Upon discovering the flaw, Microsoft reported that both Xiaomi and the developers of WPS Office were cooperative and have since released updates to rectify the security vulnerability.

Following suit, Google has taken steps to amend its app security guidelines, emphasizing typical errors in content provider system implementations. Additionally, an article has been published on the Android Developers website detailing Microsoft’s findings, with the aim of encouraging developers of susceptible apps to issue updates that address the ‘Dirty Stream’ vulnerability.

For Android users, the primary line of defense against such security flaws is to ensure their applications are regularly updated. Moreover, users should exercise caution when downloading apps, particularly from sources outside the Google Play Store, where security vetting may not be as rigorous.

Source: Microsoft Via: Bleeping Computer


AppWizard