This tool can check your phone for apps with Android’s 911 bug


Photo: Emmi Korhonen (Getty Images)

Over the weekend, some Android users with Microsoft Teams installed started reporting that they couldn’t call 911 unless they were signed in to the latest app update. It’s a pretty creepy software bug, to be sure, and one that’s lucky has been fixed thanks to a new patch that Microsoft released for the latest Teams update. But Google won’t roll out an Android update until January 4, making some users nervous that another app may accidentally exploit the same bug.

Fortunately, a developer has released a tool designed to detect potentially vulnerable Android apps before those exploits happen. The PhoneAccountDetector Tool is built to identify apps with the same vulnerabilities found in Microsoft Teams before the patch. While these apps probably won’t stop users from making emergency calls right now (and may never cause that problem), this check can give users a tip about the vulnerable apps on their device before things get out of hand.

In a nutshell, the bug that hit Microsoft Teams can be traced to the app’s calling capabilities: when an app has the ability to make calls, it pings a certain endpoint — PhoneAccount — to complete that task. If an Android app’s internal code creates too many duplicates of that particular endpoint, like Microsoft Teams did pre-patch, it triggers the bug that blocks those emergency calls.

The actual technical failure is: much more complicated, but TLDR: an app doesn’t need more than one PhoneAccount endpoint; if you have too many, you risk having your device forward all calls, even emergency calls!, through that particular app by default.

Enter this new tool, aptly named “PhoneAccount Abuse Detector”. As the name suggests, this program searches the apps on your Android phone to find apps that accidentally create too many duplicate PhoneAccount endpoints. If no apps were found that abuse that particular endpoint, great! But if the Abuse Detector finds that an annoying app is pinging specific endpoints more than once, the developer who created the tool suggests that you might want to disable the app or remove it completely to prevent them from potentially interfering with emergency calls. You can also tell the developer of the app to update their shit.

While the upcoming January update of Android should fix this bug, this tool is a handy way to check the apps on your phone before that fix happens. And it’s easy to download! Just go to the programs GitHub page, download the Android application package (APK), install it on your phone and run it.


Stay tuned for more such real estate news and updates at zavalinka.in

Leave a Comment