• Home
  • Politics
  • News
  • Business
  • Health
  • Entertainment
  • Sports
  • Lifestyle
  • Education
  • Opinion
Thursday, 30 March, 2023
  • Login
topfmonline.com
 
  • Home
  • News
  • Politics
  • Business
  • Entertainment
  • Health
  • Lifestyle
  • Sports
  • Education
  • Technology
  • Foreign
No Result
View All Result
topfmonline.com
No Result
View All Result
Home Technology

Microsoft Details Severe Vulnerabilities in Pre-Installed Android Apps

TOPFM NEWS by TOPFM NEWS
May 30, 2022
in Technology
A A
0
Microsoft Details Severe Vulnerabilities in Pre-Installed Android Apps
0
SHARES
63
VIEWS
Share on FacebookShare on Twitter

Microsoft has publicly disclosed a series of vulnerabilities in a mobile framework used in Android apps “with millions of downloads” that could have exposed their users to attacks.

The company says it “uncovered high-severity vulnerabilities in a mobile framework owned by mce Systems and used by multiple large mobile service providers in pre-installed Android System apps that potentially exposed users to remote (albeit complex) or local attacks.”

The vulnerabilities have been identified as CVE-2021-42598, CVE-2021-42599, CVE-2021-42600, and CVE-2021-42601; Microsoft says the flaws have received Common Vulnerability Scoring System (CVSS) scores between 7.0-8.9 out of 10.

The company says that mce Systems’ mobile framework includes a service that an attacker “could remotely invoke to exploit several vulnerabilities that could allow adversaries to implant a persistent backdoor or take substantial control over the device.”

Microsoft says it discovered the security flaws in September 2021. It then informed mce Systems and “the affected mobile service providers” of the vulnerabilities and collaborated with those companies to mitigate the problems so the relevant apps couldn’t be exploited by hackers.

“We worked closely with mce Systems’ security and engineering teams to mitigate these vulnerabilities,” Microsoft says, “which included mce Systems sending an urgent framework update to the impacted providers and releasing fixes for the issues. At the time of publication, there have been no reported signs of these vulnerabilities being exploited in the wild.”

The company also informed Google of these security flaws. Google reportedly responded by updating Google Play Protect, which Google says Android users can use to “help keep your apps safe and your data private,” to detect vulnerabilities of this nature.

But the full extent of these vulnerabilities isn’t known. Microsoft says that “there could be additional providers still undiscovered that may be impacted” by these flaws, and notes that “several mobile phone repair shops” may have installed a vulnerable app on customers’ devices. Android users have been advised to look for that app and remove it from their phones.

More information about the vulnerabilities—including the part of mce Systems’ mobile framework affected, how they could have been exploited, and more—is available via Microsoft’s report.

Related Posts

TikTok launches an elections hub in Kenya ahead of General Elections

TikTok launches an elections hub in Kenya ahead of General Elections

July 15, 2022
10
Facebook to allow up to five profiles tied to one account

Facebook to allow up to five profiles tied to one account

July 15, 2022
4
Source: Nathaniel Mott
Via: PCMAG
Tags: Microsoft Details Severe Vulnerabilities in Pre-Installed Android Apps
Previous Post

Putin warns French, German leaders over arms supplies to Ukraine

Next Post

iPhone 14 Pro and Pro Max could finally get always-on display

Related Posts

TikTok launches an elections hub in Kenya ahead of General Elections
Technology

TikTok launches an elections hub in Kenya ahead of General Elections

July 15, 2022
10
Facebook to allow up to five profiles tied to one account
Technology

Facebook to allow up to five profiles tied to one account

July 15, 2022
4
Microsoft releases tweet-size exploit for macOS sandbox escape bug
Technology

Microsoft releases tweet-size exploit for macOS sandbox escape bug

July 14, 2022
9
Final Android 13 beta arrives ahead of its official launch ‘in the weeks ahead’
Technology

Final Android 13 beta arrives ahead of its official launch ‘in the weeks ahead’

July 14, 2022
2
Ex-CIA engineer Joshua Schulte convicted over massive data leak
Technology

Ex-CIA engineer Joshua Schulte convicted over massive data leak

July 14, 2022
2
Samsung Galaxy Z Fold 4 with model name SM-F936U certified by FCC
Technology

Samsung Galaxy Z Fold 4 with model name SM-F936U certified by FCC

July 13, 2022
2
Next Post
iPhone 14 Pro and Pro Max could finally get always-on display

iPhone 14 Pro and Pro Max could finally get always-on display

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

BROWSE BY CATEGORIES

  • Business
  • Education
  • Entertainment
  • Foreign
  • Health
  • Lifestyle
  • News
  • Opinion
  • Politics
  • Sports
  • Technology
  • Uncategorized

BROWSE BY TOPICS

2022 Budget Afghanistan akufo addo Amazon Apiate explosion apple AT&T Black Stars covid COVID-19 COVID 19 E-Levy facebook Fuel Ghana Police Service Google Government health Intel iphone Mahama Majority Microsoft Minority momo NDC news NLC NPP Nvidia OMICRON Parliament police Russia security South Africa Taliban tech Tesla twitter US UTAG vaccine vaccines Xinjiang

Recent Posts

  • Release money to District Assembly Common Fund – Minority to govt
  • NDC flagbearer race: Mahama picks number one slot on ballot
  • Speaker of Parliament refers UG’s new residential policy to Education Committee
  • IES predicts drop in fuel prices from April 1
  • Africa should focus on digital economy and innovation – Kamala Harris

Recent Comments

No comments to show.

RECENT NEWS

  • Release money to District Assembly Common Fund – Minority to govt March 29, 2023
  • NDC flagbearer race: Mahama picks number one slot on ballot March 29, 2023
  • Speaker of Parliament refers UG’s new residential policy to Education Committee March 29, 2023
  • IES predicts drop in fuel prices from April 1 March 29, 2023

MAIN CATEGORIES

  • Business
  • Education
  • Entertainment
  • Foreign
  • Health
  • Lifestyle
  • News
  • Opinion
  • Politics
  • Sports
  • Technology
  • Uncategorized

Entertainment

US Veep Kamala Harris hails impact of medical drone delivery in Ghana
Health

US Veep Kamala Harris hails impact of medical drone delivery in Ghana

2 days ago
1
  • ABOUT US
  • CONTACT
  • ADVERTISE

© 2023 Top Media Group - Powered by BackUp Data Systems

No Result
View All Result
  • Home
  • Politics
  • News
  • Business
  • Health
  • Entertainment
  • Sports
  • Lifestyle
  • Education
  • Opinion

© 2023 Top Media Group - Powered by BackUp Data Systems

Welcome Back!

Login to your account below

Forgotten Password?

Retrieve your password

Please enter your username or email address to reset your password.

Log In