LOS ANGELES: A serious security flaw in Microsoft Authenticator could allow attackers to gain access to services and accounts – the very thing the company's authentication app is designed to protect against.
Microsoft classified the vulnerability as "critical" and released updated versions of the app on May 14 in which the problem is said to have been fixed.
Users should install the updates – for example by checking whether updates are available in their app store if automatic updates are switched off. The secure Android version is numbered 6.2605.2973 or higher. For iOS, version 6.8.47 or higher is secure.
As a general rule, automatic updates should be enabled for security reasons.
How to enable automatic updates on Android:
- Open the Google Play app.
- Tap your profile picture in the top right.
- Navigate to Settings/Network settings/Auto-update apps.
- Select an auto-update option, such as "Over Wi-Fi only."
On iOS, both pre-installed and manually installed apps are updated automatically by default. Anyone unsure whether this setting may have been changed can check as follows:
- Open Settings.
- Go to Apps/App Store.
- Under App Updates, the toggle must be set to green.
– dpa
