From time to time, social media applications face one of the most serious issues, which is security vulnerabilities, often exploited as a common method of hacking. In the latest chapter, researchers at Microsoft issued a warning about a security flaw in the popular TikTok app that could have allowed hackers to steal user accounts.
**"Highly Critical" Flaw**
They revealed in a post on August 31 about an error in the app on the Android system, according to The Sun newspaper. Fortunately, the "highly critical" flaw, named CVE-2022-28799, has been patched, and there is no evidence that attackers exploited it to compromise accounts.
**What If They Exploited the Flaw?**
If hackers had exploited the flaw, they could have accessed accounts with just one click. A malicious link could have been sent via email or other online messaging services. If the recipient clicked on it, their account would be compromised immediately. From there, scammers could post private videos, send messages, and upload videos on behalf of the victims.
**"No Evidence"**
Microsoft stated in the post that "the security flaw allowed bypassing the app's deep link verification." The error was detected by Microsoft's 365 Defender Research team, which reported it to TikTok. TikTok subsequently fixed the issue, confirming that "there is no evidence" of the flaw being exploited by malicious actors.
**Think Twice Before Clicking**
This situation highlights the importance of thinking twice before clicking on a link sent from an unknown email address or phone number. If you are unsure of who sent you something, it is best to take a moment to verify its safety. If you believe a malicious link or file has been sent to you, report the sender and delete the message immediately. It is also essential to always ensure that your smartphone and applications are updated with the latest software.
