A major security breach was discovered in pre-installed software on Xiaomi’s phones, which made users vulnerable to man-in-the-middle attacks with updates that could be handled by individuals connected to the same network.
The manufacturer has already corrected the breach.
According to Check Point researchers, the problem was in an application called Guard Provider, which extended the security of users with the combination of technologies from three companies: Tencent, AVL, and Avast.
The problem is that the software obtained its updates through an insecure and manipulative HTTP connection.
As a result, users were vulnerable to attack by intermediaries, which could be connected to the same Wi-Fi network.
Also, malicious connections could also be created for the application of compromised updates, opening a loophole for malware installation and data theft employing the interception of the connection.
Fortunately, the crash has already been resolved with a software update, jointly created by Xiaomi with Avast.
Following standard rules of the security industry, Check Point first informed the manufacturer, who said that it had moved quickly to correct the problem, ensuring that the gap was resolved before the disclosure of the fault to the public.
As it is pre-installed software, virtually all Xiaomi smartphone users would be vulnerable to this type of exploitation.
So if you have a brand-name device in your pocket, make sure the Guard Provider and other security applications are up-to-date and working so you do not take chances.
The same goes for the whole set of the operating system and installed software.
Keep all updates up-to-date and avoid downloading solutions outside of official marketplaces, thereby minimizing the risk of problems with malicious software versions.
If you want to be especially cautious, avoid connecting to public wireless networks, using only the mobile system when you are away from a trusted location.