Discovered by Marcin ‘Icewall’ Noga of Cisco Talos
Talos is releasing an advisory for a vulnerability in BlueStacks App Player. (TALOS-2016-0124/CVE-2016-4288). The BlueStacks App Player is designed to enable Android applications to run on Windows PCs and Macintosh computers. It’s commonly used to run popular Android games on these platforms.
Details
A weak registry key permission vulnerability exists in the BlueStacks application. By default the BlueStack installer sets a weak permission to the registry key, which contains InstallDir reg value, this can be used later by the BlueStacks service component. This default configuration gives a malicious user the ability to modify this value, which can lead to privilege escalation.
BlueStacks has addressed this issue from release version 2.4.43.6254 onwards, which is publicly available for download from http://www.bluestacks.com/.
In addition to providing software updates for our installed base, we are actively advising existing users to upgrade to the latest release available for download from http://www.bluestacks.com/.
Thank you
BlueStacks Support