Vulnerability: Spoofing Microsoft Bing Search website in Android phones

Researchers have revealed the finding of a high severity vulnerability in Bing search engine for mobile devices with Android operating system. According to experts from a cyber security consulting company, successful exploitation of this flaw would allow the creation of fake websites.

This vulnerability exists due to incorrect HTML content processing; Threat actors can exploit the vulnerability to create malicious websites and trick users into thinking they are visiting legitimate pages.  

Experts from the cyber security consulting company know this attack variant as website spoofing.

Tracked as CVE-2020-1329, this vulnerability received a score of 4.7/10 on the Common Vulnerability Scoring System (CVSS) scale, so it is considered a medium severity flaw.

The flaw could be exploited by unauthenticated remote hackers, although so far no exploit has been reported for the attack. Patches are already available, so the Android smartphones users should only install updates sent by the company to their devices, cyber security consulting experts mention. 

For further reports on vulnerabilities, exploits, malware variants and computer security risks, it is recommended to enter the website of the International Institute of Cyber Security (IICS), as well as the official platforms of technology companies.