at 4:37 AM

Microsoft found and shared a critical one-click exploit in the Android TikTok app

Microsoft has disclosed a critical vulnerability in the TikTok Android app that would have allowed for hackers to potentially hijack millions of user accounts.

In the security blog post that detailed the exploit, it was summarized that the exploit utilized JavaScript bridging in order to bypass deeplink verification for specifically the Android version of the social network's app. This vulnerability exists specifically in the East and Southeast Asia versions of the app. These two versions combined have 1.5 billion installations via the Google Play Store.

Following Microsoft's assessment of the vulnerability, the company informed TikTok of it in February of this year. Following this, the TikTok security team took steps to resolve it with a "efficient and professional resolution."

The latest version of the Android TikTok app has closed this exploit. Microsoft recommends updating the app as soon as possible to ensure you have the most secure release.

Further coverage: Microsoft Security Blog Engadget The Verge

by Ian Dorfman

Did you find this interesting?

Yes

Comments

No comments so far, maybe you want to be first?

Related news

All our news about: Social Networks Video Sharing Tools TikTok

TikTok on AlternativeTo

TikTok

Freemium • Proprietary
Social Network

Android
iPhone
Android Tablet
HUAWEI AppGallery
iPad

TikTok is a short-video social platform powered by music. Designed for the new generation of creators, TikTok allows users to quickly and easily create unique short videos to share with friends and the world.