AirDroid patches a contact card vulnerability that could let attackers steal your phone’s data

BY

Published 18 Feb 2016

NSFW AI Why trust Greenbot

We maintain a strict editorial policy dedicated to factual accuracy, relevance, and impartiality. Our content is written and edited by top industry professionals with first-hand experience. The content undergoes thorough review by experienced editors to guarantee and adherence to the highest standards of reporting and publishing.

Disclosure


AirDroid is the latest target in the never-ending battle against Android malware. The popular desktop-to-mobile syncing tool recently patched a phone data hijack malicious code execution scheme, originally uncovered by security firm Check int.

The attack works by sending a message with nefarious code hiding inside of a contact card (vCard). The attacker can then execute the code steal data if the receiver opens the card accessed via AirDroid. (safeanimalshelter/)

After Check int alerted AirDroid to the issue, the AirDroid team pushed out version 3.2 of the its Android app, which repairs the breach. ong with ensuring that the desktop software is up to date, you should also check that you have the latest build of AirDroid from the  ay Store.

y this matters: Sometimes the danger is overblown, but the security situation on Android is worth paying attention to. Android’s open nature makes it susceptible to a number of attacks, although other top OEMs have stepped up their game by offering monthly security updates. There’s no need to go back to pencil paper, but it’s a good practice to be aware of the latest threats.