A critical vulnerability impacting 50 million Android users running the popular AirDroid application has been patched. AirDroid, an app that allows you link an Android device to a computer and send SMS messages, run apps and add contacts via a Wi-Fi connected web browser, released the patch Jan. 29.
Check Point security researchers disclosed the AirDroid vulnerability on Thursday, issuing an alert that outlined how attackers could steal data from unsuspecting users. The exploit could be carried out if an attacker sends an SMS message that appears to be a legitimate (vCard) contact. When user saves the contact to their device, that allows an attacker’s malicious payload to exploit a vulnerability in the AirDroid application,
according to the Check Point report.
