Microsoft found a problem in TikTok that might expose millions of users’ private footage

According to research conducted by Microsoft 365, Defender Research TeamA flaw in the TikTok app for Android might allow hackers to take control of millions of users’ private, short-form movies if they clicked on a malicious link. Microsoft discovered a high-severity flaw in the TikTok Android app that could have allowed attackers access to users’ accounts with just one click.

Since then, the Chinese company has addressed the vulnerability, which required a series of issues to get exploited. The internet giant claimed in a statement late on Wednesday that if a targeted user simply clicked a specially designed link, attackers might have used the flaw to hijack an account without users’ awareness.

After then, attackers might have acquired access to users’ TikTok accounts and sensitive information and changed it, for instance by posting videos, sending messages, or making public-private movies on users’ behalf. TikTok has two variations of its Android app for users in East and Southeast Asia and the rest countries.

The TikTok vulnerability assessment was performed by the Microsoft team, and it was discovered that both Android versions of the app—which had received over 1.5 billion downloads from the Google Play Store—were affected by the issues.

A professional Microsoft security researcher carefully thought through the repercussions and alerted TikTok to the issues. TikTok promptly released a remedy to address the discovered vulnerability, which is now known as CVE-2022-28799, according to Microsoft. For more information, users can refer to the CVE entry.

It went on to advise TikTok users to make sure they are using the latest updated version of the program.




Readers like you help support The Tech Outlook. When you make a purchase using links on our site, we may earn an affiliate commission. We cannot guarantee the Product information shown is 100% accurate and we advise you to check the product listing on the original manufacturer website. Thetechoutlook is not responsible for price changes carried out by retailers. The discounted price or deal mentioned in this item was available at the time of writing and may be subject to time restrictions and/or limited unit availability. Amazon and the Amazon logo are trademarks of Amazon.com, Inc. or its affiliates Read More

This website uses cookies to improve your experience. We'll assume you're ok with this, but you can opt-out if you wish. Accept Read More

function init() { var vidDefer = document.getElementsByTagName('iframe'); for (var i=0; i