Explorer

Microsoft Issues Warning For Android Users Against Xiaomi File Manager And WPS Office Apps On Google Play Store

Microsoft said that these apps can overwrite some server settings allowing it to “communicate with an attacker-controlled server and send the user’s authentication tokens or other information.”

The security research team of Microsoft has recently flagged some apps that pose a serious threat to Android smartphones and those apps have been downloaded by more than 1.5 billion users. Microsoft’s Threat Intelligence Team in a blog post said, “We identified several vulnerable applications in the Google Play Store that represented over four billion installations. We anticipate that the vulnerability pattern could be found in other applications.”

Microsoft brought attention to two applications: Xiaomi’s File Manager, with over 1 billion installs, and WPS Office, which boasts over 500 million installs. Upon discovering a security vulnerability, Microsoft promptly notified Xiaomi, and the issue was resolved after the disclosure, with Xiaomi addressing the flaw. Similarly, WPS Office has also released an update to rectify the vulnerability in their app. Although the problem was resolved in February, users are advised to update these apps on their Android devices promptly if they have them installed.

ALSO READ | Scared Of AI Taking Away Your Job? Here's How You Can Harness The New Tech & Become Irreplaceable

What Threats Do These Apps Pose?

As per Microsoft, the malicious app can overwrite some server settings allowing it to “communicate with an attacker-controlled server and send the user’s authentication tokens or other sensitive information.”

Microsoft suggests that users maintain the latest versions of mobile applications by using the Google Play Store (or another trusted source), which ensures that updates addressing known vulnerabilities are installed. “Users should only install applications from trusted sources to avoid potentially malicious applications,” said Microsoft.

Additionally, Microsoft reported sharing its findings with Google's Android Application Security Research team and working with Google to assist Android app developers in identifying and steering clear of such patterns.

Microsoft’s Threat Intelligence Team noted, “As threats across all platforms continue to evolve, industry collaboration among security researchers, security vendors, and the broader security community is essential in improving security for all.”

Top Headlines

Will AI Soon Make UPI Payments For You? NPCI’s Reported Plan Explained
What If ChatGPT Or Gemini Could Make UPI Payments For You?
Your Instagram Photos Could Now Be Turned Into AI Images By Strangers, Thanks To Meta
Your Instagram Photos Could Now Be Turned Into AI Images By Strangers, Thanks To Meta
Truecaller Says TRAI Caller ID Policy Is Backfiring: '51 Million Calls Ignored Daily'
Truecaller Says TRAI Policy Is Backfiring: '51 Million Calls Ignored Daily'
Galaxy Z Fold 8 Leaked Early And Its Passport-Style Design Has People Talking
Galaxy Z Fold 8 Leaked Early And Its Passport-Style Design Has People Talking

Videos

GHAZIABAD RAIN HAVOC: Fallen tree, flooded roads and traffic chaos in Indirapuram
Jammu and Kashmir: Vaishno Devi Yatra Route Hit By Landslide Amid Heavy Rain, Battery Car Service Suspended
GHAZIABAD FLOOD FURY: Roads submerged, trees collapse, vehicles stranded
BREAKING NEWS: Monsoon Fury Grips Delhi-NCR, Roads Turn Into Lakes
Monsoon Crisis Deepens: Flood Alerts in J&K, Mumbai and Delhi-NCR Face Waterlogging

Photo Gallery

25°C
New Delhi
Rain: 100mm
Humidity: 97%
Wind: WNW 47km/h
See Today's Weather
powered by
Accu Weather
Embed widget