Some of the most popular Android applications installed on your phone may be vulnerable to a new type of attack named "Man-in-the-Disk" that can grant a third-party app the ability to crash them and/or run malicious code.
Discovered by the Check Point team, the Man-in-the-Disk (MitD) attack scenario revolves around an app's ability to use "External Storage," one of the two types of data storage methods supported by the Android OS.
What's Internal and External Storage?
To better understand the attack, a general knowledge of the Internal and External Storage concepts is necessary.
Internal Storage, also known as System Memory, is a section of an Android's phone's built-in storage space that stores the operating system itself, system apps, drivers, and selected data of user-installed apps.
Each installed app can allocate itself "internal storage" space that is protected by a sandboxed environment, meaning it can't be accessed by any other app.
...
.....
...