Описание
Microsoft Bing Search Spoofing Vulnerability
A spoofing vulnerability exists when Microsoft Bing Search for Android improperly handles specific HTML content. An attacker who successfully exploited this vulnerability could trick a user into believing that the user was on a legitimate website. The specially crafted website, when browsed using the app could spoof the URL and serve malicious content.
To exploit the vulnerability, the user must either browse a malicious website with Bing Search App or be redirected to it by the attacker.
The security update addresses the vulnerability by correcting how Microsoft Bing Search for Android displays the site URL.
FAQ
How do I get the update for Bing Search for Android?
- Tap the Google Play icon on your home screen.
- Swipe in from the left edge of the screen.
- Tap My apps & games.
- Tap the Update box next to the Bing Search app.
Is there a direct link on the web?
Yes: https://play.google.com/store/apps/details?id=com.microsoft.bing&hl=en_US
Обновления
| Продукт | Статья | Обновление |
|---|---|---|
| Microsoft Bing Search for Android |
Показывать по
Возможность эксплуатации
Publicly Disclosed
Exploited
Latest Software Release
Older Software Release
DOS
EPSS
Связанные уязвимости
A spoofing vulnerability exists when Microsoft Bing Search for Android improperly handles specific HTML content, aka 'Microsoft Bing Search Spoofing Vulnerability'.
A spoofing vulnerability exists when Microsoft Bing Search for Android improperly handles specific HTML content, aka 'Microsoft Bing Search Spoofing Vulnerability'.
Уязвимость поисковой системы Microsoft Bing Search for Android, связанная с некорректной обработкой содержимого HTML-страниц, позволяющая нарушителю проводить спуфинг-атаки
EPSS