Security researchers identified a new major flaw in Google Play Core Library that affects many popular Android apps. The affected applications usually have hundreds of millions of downloads.
Participant hold their laptops in front of an illuminated wall at the annual Chaos Computer Club (CCC) computer hackers' congress, called 29C3, on December 28, 2012 in Hamburg, Germany. The 29th Chaos Communication Congress (29C3) attracts hundreds of participants worldwide annually to engage in workshops and lectures discussing the role of technology in society and its future.
As of the moment, they are susceptible to malicious attacks that could steal login credentials, private messages, contacts, and other sensitive user data.
According to Ars Technica's latest report, Check Point, a security firm, confirmed that the Edge Browser, the PowerDirector video editor, the XRecorder video, and screen recorder are included in the affected apps.
New flaw allows the app to execute malicious code
The security firm Oversecured is the first one to disclose the new security bug in August. This flaw allowed the installed app from the Google Play Core Library to execute code in the context of any other applications that relied on the infected library version.
In this photo illustration several apps of Google are displayed on a smartphone on March 3, 2018 in Berlin, Germany. The left-wing organizers of the event cited Google's profit-oriented mass collection of personal data about people as well as the gentrification locals fear will accelerate should the Google Campus open. Google is reportedly planning to open a Google Campus, which is meant to create a venue for startups and technological exchange, this summer in a building that once housed an electric relay station in the heart of Kreuzberg.
Also Read: 10 Biggest Data Breaches of 2020: From CitOday to Lazada and MORE!
The security issue came from a directory traversal flaw. This one previously allowed untrusted sources to copy files to a folder that was supposed to be only for the trusted code of Google Play.
Google confirmed that it already patched the bug in April, however, developers must first download the updated library and incorporate it into their app code to fix the vulnerable applications.
But, Check Point claimed that a number of developers are still using the vulnerable library version.
Best Android Apps in Google Play Store
Although Google Play Core Library is suffering from a major flaw, Google still released the best apps in the Play Store for this year of 2020.
Entrepreneur Asian Pacific reported that the apps' categories include games, movies, books, and more. Google also released the list of apps that are considered the best ones in Mexico.
Here are the following;
- Dream League Soccer 2020
- Microsoft Office
- Sleep Theory - Sleep, Meditation & Alarm Clock
- ShareTheMeal
- Genshin Impact
Here are the other apps that are included in Google Play Store's best applications;
- Disney +
- Reface
- Bazaart: Photo Editor & Graphic Design
- Dolby on: Record Audio & Music
- Centr, by Chris Hemsworth
- Yana
- Vimeo Create - Video Maker & Editor
- Speekoo
- Sleep Theory - Sleep, Meditation & Wake Up
- ZOOM Cloud Meetings
- Calm
- Grid Diary - Journal, Planner
- Microsoft Office: Word, Excel, PowerPoint & More
- Timecap: Habit tracker & Self care
For more news updates about other security vulnerabilities, always keep your tabs open here at TechTimes.
Related Article: OpenClinic's Major Flaw Leads to Four 'High Risk' Zero-Day Vulnerabilities That Could Expose Patient Data
This article is owned by TechTimes.
Written by: Giuliano de Leon.
