Windows OneDrive Security Vulnerability Confirmed: All You Need To Know

kltaylor Member, Beta Tester Posts: 1,231
1000 Comments 500 Likes 50 Answers 100 Awesomes

The monthly Patch Tuesday security updates from Microsoft always get a lot of attention, and rightly so. However, much of the focus tends to be on the Windows operating system itself. This is hardly surprising when you see that seven of the fifteen critical vulnerabilities fixed by Microsoft this month impact Windows 10. Oh, and two "zero-day" Windows vulnerabilities that are being actively exploited by attackers in the wild, as well. This month another vulnerability deserves to be on your threat intelligence radar, and it's for a Windows desktop application that more and more people are using as COVID-19 lockdowns mean they are working from home: OneDrive.

CVE-2020-0935 confirmed

According to Microsoft, the CVE-2020-0935 vulnerability, is a privilege elevation risk that exploits how the OneDrive for Windows desktop app handles symbolic links. If successfully exploited, an attacker could take control of the affected Windows system by overwriting a targeted file and gaining elevated status.

To read the entire article please click on the Source link above.

"There's a fine line between audacity and idiocy."
-Warden Anastasia Luccio, Captain