Xiaomi Browsers Still Vulnerable After Failed Patches

It has been reported that Xiaomi browsers are still vulnerable after failed patches. Xiaomi has trouble permanently patching its browsers against a vulnerability that enables spoofing URLs in a way that is difficult to detect by users. The flaw affects the international versions of Mint Browser and Mi, the web browser that comes pre-installed on Xiaomi smartphones. It was patched and re-patched, and yet it still persists in the two products that are present on millions of devices. 

Anjola Adeniyi, Technical Leader at Securonix:

This takes phishing to another level and bypasses the obvious things users rely on like URL and SSL. That only their international versions have this security bug and not their Chinese versions is rather concerning, to say the least. 

This is made worse as China continues to emerge as pre-eminent in numerous areas of technology, and we’ve seen such debates in relations to Huawei and 5G. President Xi Jinping has explicitly set a goal, with a well-funded plan, for China to lead the world in AI and other advanced technologies by 2030.   

Following this sort of issue, Android users are advised to use web browsers that are not affected by this vulnerability, such as Chrome or Firefox.” 

 

 

Experts Comments

Stay Tuned! Our Information Security Experts Community is responding .....

What do you think of the topic? Do you agree with expert(s) or share your expert opinion below.
Be part of our growing Information Security Expert Community (1000+), please register here.