It has been reported that security researchers have discovered multiple vulnerabilities in a pre-installed app on phones made by one of the world’s biggest smartphone vendors that potentially impacted the privacy and security of more than 150 million Android users worldwide. The vulnerabilities were found in an app pre-installed on smartphones made by Xiaomi, the biggest mobile phone manufacturer in China and India, and the fourth biggest by market share in the world.
Andrew van der Stock, Senior Principal Consultant at Synopsys:
“Phone manufacturers and software providers have a special responsibility to employ security reviews, supply chain security management, and ensure that any such applications that cannot be removed from the phone are truly safe. The reality is that for most consumers, Android One phones, which have a stock Android experience are likely to be an excellent choice, as there is no additional software, and Google provides timely security updates for the support period of the phone.”