Millions of Android smartphones are at risk of being hacked. Microsoft has discovered security flaws in popular Android applications from the Play Store or installed by default by manufacturers. It seems that the Play Protect is completely incapable of identifying breaches of this ilk. To protect users, an emergency update has been deployed with the help of Microsoft experts.
Microsoft has just discovered the presence of a series of security flaws within certain Android applications. In a report published on its site, the American giant explains that it has spotted “high severity vulnerabilities in a mobile framework owned by mce Systems” in September 2021.
This is an Israeli firm that provides software frameworks to developers. These pre-made frameworks simplify the life of developers and the activation of Android devices, explains Microsoft. However, the “extended control” products supplied by mce Systems makes it a prime target for hackers.
Also read: Android 12 flaw allows hacking of some smartphones, including Samsung Galaxy S22 and Google Pixel 6
Microsoft discovers serious flaws in Android apps installed by default
According to Microsoft researchers, this framework is used by many companies specializing in application development, including default built-in system apps on phone. Clearly, it is the apps that come pre-installed on Android phones that put users at risk. Often, it is not possible to get rid of these apps by uninstalling them.
According to Microsoft, these applications are present on millions of Android smartphones in circulation around the world. Some apps, available on the Play Store, have recorded millions of downloads. In detail, Microsoft has identified 4 security vulnerabilities by digging into the code of the framework. “The vulnerabilities we discovered can all be exploited in the same way”adds Microsoft.
According to the research team, the flaws could allow a seasoned attacker “to implement a persistent backdoor” on a smartphone remotely. With this backdoor, it will be able to install viruses or spyware without your knowledge. Worse, a hacker could directly take control of your terminal without the need for physical access to it.
As Microsoft points out, the framework was indeed designed to be able to “access system resources and perform system-related tasks, such as adjusting the device’s audio, camera, power, and storage controls”. The framework developed by mce Systems also has “extended privileges” to work with system applications.
This is why the exploitation of a flaw located in the code of the framework puts personal data at risk and user safety. In this context, Microsoft believes that the breaches can be considered of high severity.
Google’s Play Protect is powerless
Microsoft researchers have also discovered that Google Play Protect, the security system that monitors Play Store apps, is totally helpless in this case. “These controls were not designed to detect these types of issues”regrets the report.
This is not the first time that the reliability of Play Protect has been questioned. To improve security on Android, Microsoft contacted Google teams. By working together, the two firms were able to help Play Protect “identify these vulnerabilities”.
An emergency update has been deployed
Fortunately, the American group did not no evidence found that the vulnerabilities were exploited by pirates. Aware of the potential risks, Microsoft also got in touch with mce Systems as early as September 2021. By working with the Israeli engineers, the IT giant managed to “mitigating these vulnerabilities”.
The report assures that mce Systems has deployed an emergency update for affected developers. The update contained a series of fixes. The loopholes were therefore closed before the disclosure of Microsoft’s report.
