Microsoft has warning about these 2 Android apps with billions of downloads, names of the infected apps and why millions may still be at risk - Times of India

Original source (on modern site) | Article images: [1]

Microsoft

's Threat Intelligence Team recently found security vulnerabilities in several popular

Android apps

, with over 4 billion downloads, that could have led to the compromise of sensitive user data.

The specific issue identified is called a "dirty stream" attack, where a malicious app could potentially overwrite settings on a vulnerable device and gain access to a user's authentication tokens or other confidential information.

This information could then be used to impersonate the user and potentially access their accounts or data on other services.

Two popular apps specifically mentioned by Microsoft are:

Xiaomi's File Manager: This app has over 1 billion installs.

WPS Office: This popular office suite has over 500 million installs.

Both Xiaomi and WPS Office have since addressed the vulnerabilities with updates. However, Microsoft recommends that all Android users should update these apps immediately if they are installed on their devices.

How millions of Android users may still be at risk

While both Xiaomi and WPS have patched the security loophole, but millions of users may still be at risk if they haven't updated their apps. It is important for users to have updated these apps to protect themselves from these security flaws.

How Android smartphone users can protect themselves

* Keep apps updated: Regularly update your apps through the Google

Play Store

or other trusted sources to ensure you have the latest security patches.

* Install from trusted sources: Only download apps from reputable developers and stores to minimize the risk of malware.

* Be cautious of permissions: Pay attention to the permissions requested by apps before installing them. Granting unnecessary permissions can increase your risk.

Microsoft has also collaborated with

Google

to inform app developers and help them avoid similar vulnerabilities in the future. This collaboration between security researchers and tech companies is crucial in keeping users safe in an evolving threat landscape.