What Is The Dirty Stream Vulnerability All About?
Microsoft makes the biggest desktop OS in the world and they’ve done a lot to collaborate with the Android platform. Well, this time around, they’ve come to report on a major security issue that might be present in countless apps for Android. This security vulnerability has been called “Dirty Stream”.
Android has something called a content provider system that allows different apps access to data sets that are meant to be shared among multiple applications. Dirty Stream takes advantage of this content provider system and finds a way to manipulate the data stream. This can potentially let a malicious application overwrite files present in another application’s directory, and the overwritten files can be used to gain access over an app and how it behaves.
This means a hacker could take advantage of this vulnerability and use it to gain access to any sensitive information that such an app might contain, or your login credentials when signing into such an application.
Which Apps Do We Know That Have Been Affected By This?
It was stated that there were several applications that were found to be vulnerable to Dirty Stream, with a total of four billion downloads across all of them, which is very worrying.
At the moment, we only know that applications like Xiaomi File Manager and WPS Office, which have 1.5 billion installations together, were both vulnerable to Dirty Stream. However, Microsoft contacted them, the companies responded as they should, and fixes were deployed for both of them way back in February, so things are safe on that front.
As a regular user, there isn’t much way to know which apps are vulnerable, but we can probably rely on the fact that most major applications that Microsoft realized were vulnerable have been contacted and will hopefully be responsible enough to be prompt about their attempts at patching things.
What Can You Do As A User To Protect Against This?
As a user, there isn’t really much that you can do. You’ll have to wait for app developers to push out the appropriate updates to patch over this vulnerability, but by making sure that your applications are always running on the latest version as soon as possible, you’re going to be saving yourself from a lot of security-related headaches. Fortunately, the Google Play Store makes auto-updates easy.
There’s no end to the world of security vulnerabilities, no matter how much OS developers try to put safeguards in place. They can make it harder for hackers, but I don’t think it can ever be absolutely impossible. The idea is just to make it hard enough that most people won’t bother.
