Heads up! There are some apps at Google Play Store you might want to avoid for now. A research group has discovered a vulnerability in the Google Play Core Library, a fundamental Android component that many apps use.
First disclosed in August, the vulnerability with identification code CVE-2020-8913 can be exploited such that, without getting technical, intruders can inject files into the system and make them appear to come from a verified source. The files can then be used for malicious activities such as sniffing for account passwords, spying, and reading confidential data and messages.
Although Google has updated the core library back in April to patch this vulnerability back, it appears several application developers have yet to get the patched version of the library. As such, many apps have been found to be still vulnerable. Some of the apps you may want to avoid are the following:
- Microsoft Edge
- Yango Pro
Via: Check Point