We value your privacy

We use cookies to enhance your browsing experience, serve personalized ads or content, and analyze our traffic. By clicking "Accept All", you consent to our use of cookies.

Customize Consent Preferences

We use cookies to help you navigate efficiently and perform certain functions. You will find detailed information about all cookies under each consent category below.

The cookies that are categorized as "Necessary" are stored on your browser as they are essential for enabling the basic functionalities of the site. ... 

Always Active

Necessary cookies are required to enable the basic features of this site, such as providing secure log-in or adjusting your consent preferences. These cookies do not store any personally identifiable data.

No cookies to display.

Functional cookies help perform certain functionalities like sharing the content of the website on social media platforms, collecting feedback, and other third-party features.

No cookies to display.

Analytical cookies are used to understand how visitors interact with the website. These cookies help provide information on metrics such as the number of visitors, bounce rate, traffic source, etc.

No cookies to display.

Performance cookies are used to understand and analyze the key performance indexes of the website which helps in delivering a better user experience for the visitors.

No cookies to display.

Advertisement cookies are used to provide visitors with customized advertisements based on the pages you visited previously and to analyze the effectiveness of the ad campaigns.

No cookies to display.

Online Sales Guide Tips
+

Menu

Skip to content
  • Home
  • Our Services
    • Advertisement and Content Publishing
    • Contact Us to Publish
    • Sponsored Content
  • About
    • Disclaimer
    • Privacy Policy
    • Terms and Conditions
    • About Us

Microsoft Identifies TikTok Vulnerability Allowing One-Click Account Hijacking

admin September 19, 2022TikTok Securityaccount, Allowing, Hijacking, Identifies, Microsoft, OneClick, TikTok, Vulnerabilityadmin
Hi, Welcome
Welcome back


Microsoft Identifies TikTok Vulnerability Allowing One-Click Account Hijacking



by Laurie Sullivan , Staff Writer @lauriesullivan, August 31, 2022

Microsoft’s security team has found a vulnerability in the TikTok Android app.


The 365 Defender Research Team on Wednesday explained in a post how the one-click exploit could have allowed hackers to hijack millions of accounts.


“The vulnerability, which would have required several issues to be chained together to exploit, has been fixed and we did not locate any evidence of in-the-wild exploitation,” the company wrote in a blog post. “Attackers could have leveraged the vulnerability to hijack an account without users’ awareness if a targeted user simply clicked a specially crafted link.”


Attackers could have accessed and modified users’ TikTok profiles and sensitive information, such as by publicizing private videos, sending messages, and uploading videos on behalf of users, the company said.


Microsoft’s security team explains in the post that the vulnerability involved an oversight with TikTok’s deep-linking function.


The vulnerability allowed hackers to bypass the app’s deep-link verification function. Attackers could force the app to load an arbitrary URL to the app’s WebView, allowing the URL to then access the WebView’s attached JavaScript bridges and grant functionality to attackers.


Most marketers know, but for those who don’t, a deeplink is a hyperlink that links to a specific component in a mobile app and consists of a scheme and, usually, a host, Microsoft explains. When a deeplink is clicked, the Android package manager queries all the installed applications to see which one can handle the deeplink and then routes it to the handler of that link. (More explained here.)


“Performing a vulnerability assessment of TikTok, we determined that the issues were affecting both flavors of the app for Android, which have over 1.5 billion installations combined via the Google Play Store,” Microsoft said. 


Microsoft’s team informed TikTok in February. TikTok quickly responded by releasing a fix to address the reported vulnerability.


Microsoft’s security team found a vulnerability in the TikTok Android app — a one-click exploit that could have allowed hackers to hijack millions of accounts, the 365 Defender Research Team on Wednesday explained in a post.

 

MediaPost.com: Search & Performance Marketing Daily

(19)

Report Post

Post navigation

← What will have the biggest impact on consumer holiday shopping? The Metaverse Hits An Impasse →

You may also Like

Productivity

If Time Is Money; Think Annual

Marketing Campaigns

VidMob Introduces Platform To Analyze The Creative’s Performance

Virtual Meetings

3 Factors to Improve Attention and Interaction in Virtual Meetings

Social Community

20 Community-Building Tips That Will Get You Noticed

Leadership Skills

Make An Impact: Taking It To The Next Level

Marketing Guide

Just Making the Grade with Email Marketing? Here’s How to Get an A+ and Surpass Revenue Goals

Marketing Agility

Scaling agile with the Agile Marketing Navigator framework

Internet Access

Frontier rolls out 5Gbps fiber internet across the US

Leadership Stories

Pope Francis calls on global leaders to ensure AI remains human-centric

Email Marketing Metrics

How to Say Goodbye to Old Unengaged Subscribers the Right Way

SEM & SEO

SEMrush

Recent Posts

  • Why Canva doubled down on a musical to hype its new products
  • Beyond tagging: High-value GenAI use cases for DAM by Vertesia
  • Adobe’s AI Agentic Vision For Creators
  • Most celebrity endorsements are expensive mistakes
  • What Yodel Does For Mobile, Why NP Digital Acquired It

Pages

  • About Us
  • Advertisement and Content Publishing
  • Contact Us to Publish
  • Disclaimer
  • Privacy Policy
  • Terms and Conditions

Proudly powered by WordPress | Child Theme by: Crayonux

Report Post

« »

 

Your Name:

Your Email:

Please tell us why do you think this post is inappropriate and shouldn't be there:


Cancel Report