Microsoft has issued a warning to Android users regarding a new attack known as “Dirty Stream.” This attack allows malicious applications to modify files in another application’s home directory, potentially resulting in the execution of arbitrary code and theft of sensitive information.
The vulnerability arises from the improper use of the Android content provider system, which manages access to structured data sets meant for shared use across various applications.
This system incorporates data isolation, URI resolution, and security measures to verify paths and prevent unauthorized access, data breaches, and manipulation attacks.
Improper implementation can allow user intents, which are messaging objects that facilitate data exchange between components in Android applications, to bypass these security measures.
Through the “Dirty Stream” attack, malicious applications can send a file with a modified name or from another application using a user intent. This can deceive the targeted application into trusting the file name or path, potentially leading to it executing or saving the file in a critical directory.
The primary concept behind the “Dirty Stream” attack involves manipulating data flow between two Android applications, turning a standard operating system function into a malicious tool and enabling unauthorized code execution, data theft, or other harmful outcomes.
Microsoft researcher Dimitrios Valsamaras highlighted multiple incorrect implementations that could be exploited in various attack scenarios. Even popular applications like Xiaomi’s File Manager with over a billion installations and WPS Office with around 500 million users were found to be vulnerable. Both companies have addressed the issues in their software.
To mitigate similar vulnerabilities in the future, Microsoft collaborated with the Android developer community and Google to update their guidance on application security, considering the identified flaws. End users can protect themselves by updating their installed applications regularly and refraining from downloading APK files from untrusted sources.