AirDroid grounded. Get patching, fanbois
AirDroid grounded. Get patching, fanbois fandroids
FTFY
Flaws in a widely used Android device manager app leave users at risk of phone data hijacking and malicious code execution unless they update their smartphones, security researchers warn. Flaws in the AirDroid, a free device manager app which allows users to access their Android devices through their computers, leave an …
.... Quickly fixed?
I'm confused, why is this leaving millions at risk? Almost clickbait level headline there. Most people will have had auto updates on, its not a core android bug that'll be in the ecosystem for years on unpatched devices... It's just an app bug and took professional bug hunters how long to figure it out and report it, and was quickly fixed and rolled out by the developers. Seems like a good thing to me, bugs happen, the fact they fixed it quickly means I'd be likely to use them if I ever wanted this functionality in the future.
So the app is running and somehow is intercepting SMS messages but one of the ones it intercepts could exploit a bug in the app that p0wns the phone?
So essentially this app is allowed to run as root and grub through your SMS messages? What in the heck does it do that it needs that level of privilege and why would anyone be dumb enough to grant an app that level of privilege?