CVE-2024-33352: BlueStacks Vulnerability Puts Millions of Gamers at Risk

A vulnerability in BlueStacks, a popular Android emulator used by millions of gamers worldwide, has been discovered by security researcher Maciej Miszczyk. The vulnerability, tracked as CVE-2024-33352, could allow attackers to gain full control of a victim’s computer if exploited.

What is the Vulnerability?

BlueStacks runs the Android operating system within a virtual machine (VM) on a user’s computer. The vulnerability lies in how BlueStacks configures its virtual machine files, making them accessible to all users on the system. This means that an unprivileged user (someone without administrative rights) could potentially modify these files to gain access to the host operating system, including sensitive data and files.

How Does the Attack Work?

The attack involves two stages:

1. Virtual Machine Escape: The attacker modifies the BlueStacks configuration files to grant the Android VM access to the entire C drive of the host system.
2. Code Execution: The attacker then installs a malicious app on the Android VM, which can then drop a payload into the startup folder of the host system. When the victim restarts their computer, this payload is executed with the victim’s privileges, giving the attacker full control.

Who is Affected?

All users of BlueStacks for Windows versions prior to 10.40.1000.502 are potentially at risk. BlueStacks claims to have over 500 million users, making this a significant security concern.

What Should You Do?

If you are a BlueStacks user, update to the latest version immediately. This will patch the CVE-2024-33352 vulnerability and protect your system from potential attacks.

Related Posts:

• Sharp Stealer: New Malware Targets Gamers’ Accounts and Online Identities
• Unmasking the Tweaks Malware Menace Targeting Roblox Gamers