Incomplete 'Go SMS Pro' Patch Left Millions of Users' Data Still Exposed Online

2020-12-01 06:13

A week after cybersecurity researchers disclosed a flaw in the popular GO SMS Pro messaging app, it appears the developers of the app are silently taking steps to fix the issue from behind the scenes.

Although the behavior was observed on version 7.91 of GO SMS Pro for Android, the app makers have since released three subsequent updates, two of which were pushed to the Google Play Store after public disclosure of the flaw and Google's removal of the app from the marketplace.

Now following an analysis of the updated versions, Trustwave researchers said, "GOMO is attempting to fix the issue, but a complete fix is still not available in the app."

"In v7.94, they are not blocking the ability to upload media in the app, but the media does not appear to go anywhere," the researchers said.

Given the lack of communication from the app developers and the fact that old data is being actively leaked, it is recommended to refrain from using the app until the issues are fully patched.

News URL

http://feedproxy.google.com/~r/TheHackersNews/~3/6hf8yidoHT8/incomplete-go-sms-pro-patch-left.html

#online #patch