Microsoft found and reported a serious security issue with TikTok
The Android TikTok app had a serious security issue, and Microsoft was the one that reported it. The company recently detailed the findings for the cybersecurity community, indicating that the high-severity vulnerability could have allowed attackers to compromise accounts in a single click. TikTok was also notified of the issue by Microsoft, and it has since been patched.
This specific vulnerability impacted TikTok on Android version 23.7.3 and lower, required several issues to be chained together to exploit, and was not used in the wild, according to Microsoft. This means that no one is likely to have been affected by it. There are actually two versions of TikTok on Android, one for East and Southeast Asia, and another for the rest of the world. Microsoft performed a vulnerability assessment and found both were impacted, meaning the vulnerability hit a total of 1.5 billion installations.
With the vulnerability, though, hackers could have hijacked an Android-based TikTok account without the user knowing just if the user clicked on a single link. The attacker could have accessed the compromised TikTok profile, letting them see private videos, send messages, or upload videos.