Popular Android applications with over 250 million downloads they are still sensitive to the vulnerability that the patch received back in August.
The security company Oversecured is at the end of the summer discovered a vulnerability within the Google Play Core Library, which allowed the launch of malicious code within legitimate applications. Thus, the malicious elements used the permissions that were given to the applications that the users downloaded without a doubt that something was wrong, and in that way it was possible to monitor the behavior of the users, in order to get sensitive data. The affected library is used by many popular applications, including Chrome, Edge, Facebook, Instagram, WhatsApp, and Snapchat. The vulnerability was rated 8.8 (High) and patched with Google Play Core Library 1.7.2.
It has recently been established that some applications use vulnerable versions even three months after the update is released, and among them are OkCupid, Aloha, Edge, Bumble, and a few others.
Source: Bleeping Computer
*The article has been translated based on the content of PC Press by pcpress.rs. If there is any problem regarding the content, copyright, please leave a report below the article. We will try to process as quickly as possible to protect the rights of the author. Thank you very much!
*We just want readers to access information more quickly and easily with other multilingual content, instead of information only available in a certain language.
*We always respect the copyright of the content of the author and always include the original link of the source article.If the author disagrees, just leave the report below the article, the article will be edited or deleted at the request of the author. Thanks very much! Best regards!