The official app by the Chinese e-com giant is infected with known vulnerability called FFmpeg libavformat media handling (CVE-2016-3062) which was discovered back in 2016. The app shares same FFmpeg RTMP video streaming vulnerability as Facebook. The file sharing application is popular among Android users. The app remains exposed to the vulnerability since 2015, and interestingly, the Messenger app offered by Facebook and WeChat are also infected with the same vulnerability. The popular Facebook app has a known FFmpeg RTMP video streaming vulnerability codenamed as CVE-2015-8271.
As per the report, the app is infected with a vulnerable library called "libyjvoice-4.7.0.so”. The Yahoo Browser app has over 10,000,000 downloads on Android. LiveXLive app has over 50,000,000 downloads. The app is infected with a vulnerability library known as "libLibFlacWrapper.so". The music and radio streaming app powered by Slacker has reimagined the way you listen to your favourite music. Here, we have compiled a list of popular Android apps that can bring you big information security risks. The team scanned the Play Store for those malicious code strains and listed the apps that continue to have these vulnerabilities. It shows the failure in the way Google plays gatekeeper.”
We expected some-but we found thousands of apps with known vulnerabilities. We scraped Google Play to look for matches. Yaniv Balmas, Check Point's head of cyber research said, "We asked ourselves how many apps inside Google Play are using vulnerable libraries. CheckPoint has selected three known and patched vulnerabilities, which carry the potential threat of remote code execution (RCE). If popular applications like Facebook and WeChat can come with malicious vulnerabilities onboard, this means Android users are nowhere safe and are exposed to greater risks.Ī new cybersecurity report by CheckPoint Research claims that long-known vulnerabilities from 2014 still exist in many popular Android apps. Information security has become a critical aspect for companies these days.
0 kommentar(er)
