December 5, 2022
Microsoft is going public with a recently discovered vulnerability that may have seriously affected the Android version of the TikTok app.

The tech giant mentioned how the vulnerability would enable hackers to hijack different users’ accounts through a simple click. In this way, they would be in complete control and exploit users in various ways without anyone ever finding out.

All that was required was for the targeted user to simply press on a specially curated link that was maliciously designed for this purpose. Microsoft then went on to explain how the hackers would then gain control of users’ profiles and modify it according to their will.

This includes hijacking sensitive information like making private videos public, sending out texts, and even uploading content on the users’ behalf.

The major flaw was reported to be located inside both of TikTok’s Android versions. One is restricted for users in Southeast Asia while the other is for use anywhere else. As a whole, Microsoft has alerted users that already 1.5 billion downloads have taken place for both app versions, and that was alarming.

Microsoft mentioned how the crafted URL can force the loading of arbitrary webpages. In this way, attackers would gain access to JavaScript interfaces that enable the takeover via a simple click of a button.

Thankfully, the vulnerability is now fixed and there are similarly no reports about any wild forms of exploitation taking place too.

Now, the tech giant is setting out advice for the popular short video format app’s users to ensure they’re utilizing the latest version of this application. This is very true as hackers could be on the rise to exploit this huge flaw now, more than ever. After all, it’s now out in the open with a lot of proof of the concept is used for malicious means.

See also  Facebook Accuses Apple Of Tweaking Its Guidelines To Boost Its Own Business

TikTok released its most recent version for Android in March so those who follow automated updates would already have them.

Read next: The Most Hated Apps in Every Country and U.S. State