SHAREit fixes security bug that could have left nearly a billion users at risk

File-sharing app had over a billion downloads

When you purchase through links on our site, we may earn an affiliate commission.Here’s how it works.

Topfile sharingapp SHAREit says that it has fixed a number of security flaws in its Android app that could have put up to a billion users potentially at risk.

The apps' developers have issued a patch for several vulnerabilities first detected by security firm Trend Micro earlier this month which could have allowed attackers access to data being stored onSHAREituser devices, as well as being able to also execute arbitrary code on the device.

The security flaws could have been present and vulnerable for over three months, putting many of SHAREit’s users at risk.

SHAREit patch

SHAREit patch

“On February 15, 2021, we became aware of a report by Trend Micro about potential security vulnerabilities in our app,” SHAREit said in apress release.

“The security of our app and our users' data is of utmost importance to us,” SHAREit added. “We are fully committed to protecting user privacy and security and adapting our app to meet security threats.”

Trend Micro had warned that the security flaws were particularly dangerous, as any attacks launched by exploiting these vulnerabilities would have been hard to detect as they masquerade the legitimate operations of the app.

The researchers claimed that the flaws were present as SHAREit implements its sharing functions with improper settings that leave it prone to abuse.

Are you a pro? Subscribe to our newsletter

Are you a pro? Subscribe to our newsletter

Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!

The researchers were able to successfully exploit the vulnerabilities with a proof-of-concept app to gain temporary read/write access to the data on the device, and even managed to run arbitrary code on the device.

ViaBleepingComputer

With almost two decades of writing and reporting on Linux, Mayank Sharma would like everyone to think he’sTechRadar Pro’sexpert on the topic. Of course, he’s just as interested in other computing topics, particularly cybersecurity, cloud, containers, and coding.

Phishing attacks surge in 2024 as cybercriminals adopt AI tools and multi-channel tactics

This new phishing strategy utilizes GitHub comments to distribute malware

The Galaxy S25 Ultra’s rumored iPhone-beating power could tempt me back to Android