Ask any devices or smart home question in the Devices/Security or Network Troubleshooting Categories.
Windows OneDrive Security Vulnerability Confirmed: All You Need To Know
The monthly Patch Tuesday security updates from Microsoft always get a lot of attention, and rightly so. However, much of the focus tends to be on the Windows operating system itself. This is hardly surprising when you see that seven of the fifteen critical vulnerabilities fixed by Microsoft this month impact Windows 10. Oh, and two "zero-day" Windows vulnerabilities that are being actively exploited by attackers in the wild, as well. This month another vulnerability deserves to be on your threat intelligence radar, and it's for a Windows desktop application that more and more people are using as COVID-19 lockdowns mean they are working from home: OneDrive.
According to Microsoft, the CVE-2020-0935 vulnerability, is a privilege elevation risk that exploits how the OneDrive for Windows desktop app handles symbolic links. If successfully exploited, an attacker could take control of the affected Windows system by overwriting a targeted file and gaining elevated status.
To read the entire article please click on the Source link above.
-Warden Anastasia Luccio, Captain