These applications preinstalled on many smartphones allow hackers to steal your data

Fanny Dufour

May 30, 2022 at 4:35 p.m.




Microsoft security researchers have announced that they have found vulnerabilities in a framework used by many applications preinstalled on Android smartphones.

The affected applications have been patched, but others, as yet undiscovered, may also be affected.

Important vulnerabilities present in pre-installed applications

While researching the impact of pre-installed apps on smartphone security, Microsoft researchers discovered a series of vulnerabilities. These flaws are present in a mobile framework belonging to mce Systems and used by numerous applications, in particular ones pre-installed on phones purchased from telecommunications operators. These applications were also available on the Google Play Store, where they had been downloaded millions of times.

The vulnerable framework holds permissions to access many sensitive systems of the smartphone in order to operate, which makes the vulnerabilities within it particularly attractive to hackers. According to Microsoft, these flaws, which range from command injection to elevation of privilege, can allow hackers to create a persistent backdoor or gain significant control over the device. "Coupled with the extended system privileges that pre-installed applications possess, these vulnerabilities could have provided attack vectors allowing attackers to access system configuration and sensitive information," the researchers write in their article.

Other undetected applications possibly vulnerable

The problem is that it’s usually impossible for users to remove these pre-installed apps without gaining root access. It was therefore important that the problem be solved at the source. To do this, Microsoft has worked closely with mce Systems to correct these flaws as quickly as possible and make the update available to all operators concerned. According to the company, all the vulnerable applications identified by the researchers have been patched, and it is therefore sufficient to update them to be protected. In other good news, Microsoft has worked with Google to make it possible to detect such vulnerabilities during Google Play Protect’s automatic security checks.

But the problem is not completely solved. The Redmond firm suspects that other operator applications are affected and have not yet been detected. Additionally, users may be vulnerable even if they are not customers of the affected telecom operators, because an application sometimes installed by phone repair shops is also affected by the flaws.

Microsoft therefore advises all owners of Android smartphones to search for the application "com.mce.mceiotraceagent" and delete it if necessary. The company did not provide a complete list of applications and operators affected by these vulnerabilities.
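One way to run that search from a computer, as an added example that is not from the article or from Microsoft: it assumes adb is installed and USB debugging is enabled on the phone, and it separates a preinstalled copy (which, as noted above, usually cannot be removed without root) from a user-installed one. The function names and the sample package list are constructed for illustration.

```shell
#!/usr/bin/env bash
# Added example: look for the package named in the article on an Android device.
PKG="com.mce.mceiotraceagent"   # identifier taken from the article

# has_pkg NAME: read `pm list packages` output on stdin and succeed only on an
# exact match. Carriage returns are stripped because some adb builds emit CRLF,
# and -x prevents a longer package name from matching as a substring.
has_pkg() {
  tr -d '\r' | grep -Fxq "package:$1"
}

# classify ALL_LIST SYSTEM_LIST: print absent, preinstalled or user-installed.
# SYSTEM_LIST is the output of `pm list packages -s` (system packages only).
classify() {
  local all="$1" system="$2"
  if ! printf '%s\n' "$all" | has_pkg "$PKG"; then
    echo absent
  elif printf '%s\n' "$system" | has_pkg "$PKG"; then
    echo preinstalled
  else
    echo user-installed
  fi
}

# check_device: query the attached phone over adb; returns 2 if adb fails.
check_device() {
  local all system
  all=$(adb shell pm list packages) || return 2
  system=$(adb shell pm list packages -s) || return 2
  classify "$all" "$system"
}

# Constructed sample list (not from a real device). The second entry is a
# made-up near-miss name that an exact-match check must not report.
SAMPLE_ALL='package:com.android.settings
package:com.mce.mceiotraceagent.constructed
package:com.example.notes'

case "${1:-}" in
  --device) check_device ;;             # run against the attached phone
  *) classify "$SAMPLE_ALL" "" ;;       # offline demo on the constructed list
esac
```

Run it with `--device` and a phone attached; a result of `user-installed` means the app can be removed from the phone's settings, while `preinstalled` means the fix is to install the vendor's update.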


Sources: The Hacker News, Microsoft
