This isn’t a good look for Rogers, Bell, Freedom Mobile, TELUS and a few other telcos. According to BleepingComputer, Microsoft has found some serious vulnerabilities in Android apps that they distribute:
The researchers found these vulnerabilities (tracked as CVE-2021-42598, CVE-2021-42599, CVE-2021-42600, and CVE-2021-42601) in a mobile framework owned by mce Systems exposing users to command injection and privilege escalation attacks.
The vulnerable apps have millions of downloads on Google’s Play Store and come pre-installed as system applications on devices bought from affected telecommunications operators, including AT&T, TELUS, Rogers Communications, Bell Canada, and Freedom Mobile.
“The apps were embedded in the devices’ system image, suggesting that they were default applications installed by phone providers,” according to security researchers Jonathan Bar Or, Sang Shin Jung, Michael Peck, Joe Mansour, and Apurva Kumar of the Microsoft 365 Defender Research Team.
“All of the apps are available on the Google Play Store where they go through Google Play Protect’s automatic safety checks, but these checks previously did not scan for these types of issues.
“As it is with many of pre-installed or default applications that most Android devices come with these days, some of the affected apps cannot be fully uninstalled or disabled without gaining root access to the device.”
Well, that’s not good. But these apps have been fixed. Sort of. Microsoft reached out to the relevant parties and these vulnerabilities were fixed. But the at-risk framework is likely used by numerous other service providers who may still have apps out there that aren’t fixed. Which means that threat actors can still launch attacks.
To protect yourself, search for the package name com.mce.mceiotraceagent on you Android device. If you find it, delete it ASAP if you can. I say that because you might need root access to delete it.
Microsoft Discovers Security Flaws In Android Apps Provided By Canadian Telcos Among Other Telcos
Posted in Commentary with tags Android, Bell, Freedom Mobile, Rogers, Security, Telus on May 30, 2022 by itnerdThis isn’t a good look for Rogers, Bell, Freedom Mobile, TELUS and a few other telcos. According to BleepingComputer, Microsoft has found some serious vulnerabilities in Android apps that they distribute:
The researchers found these vulnerabilities (tracked as CVE-2021-42598, CVE-2021-42599, CVE-2021-42600, and CVE-2021-42601) in a mobile framework owned by mce Systems exposing users to command injection and privilege escalation attacks.
The vulnerable apps have millions of downloads on Google’s Play Store and come pre-installed as system applications on devices bought from affected telecommunications operators, including AT&T, TELUS, Rogers Communications, Bell Canada, and Freedom Mobile.
“The apps were embedded in the devices’ system image, suggesting that they were default applications installed by phone providers,” according to security researchers Jonathan Bar Or, Sang Shin Jung, Michael Peck, Joe Mansour, and Apurva Kumar of the Microsoft 365 Defender Research Team.
“All of the apps are available on the Google Play Store where they go through Google Play Protect’s automatic safety checks, but these checks previously did not scan for these types of issues.
“As it is with many of pre-installed or default applications that most Android devices come with these days, some of the affected apps cannot be fully uninstalled or disabled without gaining root access to the device.”
Well, that’s not good. But these apps have been fixed. Sort of. Microsoft reached out to the relevant parties and these vulnerabilities were fixed. But the at-risk framework is likely used by numerous other service providers who may still have apps out there that aren’t fixed. Which means that threat actors can still launch attacks.
To protect yourself, search for the package name com.mce.mceiotraceagent on you Android device. If you find it, delete it ASAP if you can. I say that because you might need root access to delete it.
Leave a comment »