Microsoft security researchers have discovered numerous high-severity flaws in a mobile framework used in pre-installed Android System apps, warning that exploitation might have resulted in the installation of a persistent backdoor on Android devices.
A total of four reported vulnerabilities were discovered – and resolved – in a mobile framework owned by MCE Systems, an Israeli business that offers software to mobile operators, according to a Microsoft 365 Defender Research Team alert posted Friday.
The bug hunters noted that some of the impacted programmes cannot be fully deleted or stopped without getting root access to the device, as is the case with many pre-installed or default apps that go with Android smartphones.
Read More: https://www.securityweek.com/microsoft-finds-major-security-flaws-pre-installed-android-apps