Cyber security sleuths have alerted Android users against a suspicious activity being detected in the commonly used search engine ‘Bing’. Terming the severity of the malfunction as “medium”, the Indian cyberspace security agencies have alerted users that a possible attack of the virus could “compromise” sensitive information of the owner stored on the phone. Also Read - WhatsApp iOS to Android chat history migration now available on Pixel, Android 12 devices
This vulnerability has been found affecting Microsoft Bing version 4.2.0 and earlier on the Android devices. “Arbitrary code execution vulnerability has been reported in Microsoft Bing for Android which could allow remote attackers to execute arbitrary code and install arbitrary APK (Android application package file) on Android devices,” an advisory issued by the Computer Emergency Response Team-India (CERT-In) said. Also Read - How to turn off auto-correct feature on your Android smartphone or tablet
The CERT-In is the nodal agency to combat hacking, phishing and to fortify security-related defenses of the Indian internet domain. Describing the abnormal activity, the agency in its latest advisory said “a flaw has been reported in Microsoft Bing for Android which could trigger while handling DNS (domain name system) responses on an insecure network.” Also Read - How to use self-chat feature on WhatsApp to create notes, to-do list
“An attacker could leverage this issue to executing arbitrary code within the context of the application. Successful exploitation of this vulnerability could allow an attacker to install arbitrary APK files via vectors involving a crafted DNS response, leading to the compromise of the device and resulting in information disclosure,” the agency said.
Cyber security experts said Android phone users taking the help of Bing to surf the Internet should update their existing versions and deploy proper anti-virus on their systems.