If you make use of Google Drive for your personal or business use you should be aware of a flaw that was recently discovered in the Mountain View-based technology giant’s cloud storage service. The new flaw makes you vulnerable to malware and spam attacks if you often access shared files on Google Drive.

The flaw, discovered by A. Nikoci and reported by the The Hacker News shows how Google Drive’s “manage versions” is ripe for being messed around by hackers. If you’re not aware, “manage versions” on Google Drive let’s one see and access all the older versions of a file that was hosted and shared by Google Drive. This feature is also used to replace an older version of the file with a new file without breaking its share link.

The problem lies in the fact that Google does not check the file type when you upload a new version. For instance, an imagea JPEG filecan be replaced with an executable file (.exe) with the “manage versions” feature. Surprisingly, when previewed online Google Drive won’t indicate newly made changesin that it will show you a preview of the JPEG imagebut when downloaded it will download the newer .exe file.

You can see the same in action in the video below in which Nikoci replaces an innocuous-looking PDF file with an executable file. As seen in the video, the preview still shows the older PDF but on downloading the file it downloads the new executable file that was replaced using the “manage versions” feature on Google Drive.

And as seen in the video, the same file when downloaded from a website on Google Chrome is labelled with a ‘dangerous’ warning sign.

Nikoci said he reported the loophole to Google but the issue was still unpatched as of August 22. We have reached out to Google for an update on the same but meanwhile, beware from downloading files from unknown Google Drive folders.

is obsessed with culture and tech, offering smart, spirited coverage of the products and innovations that shape our connected lives and the digital trends that keep us talking.

Source: https://in.mashable.com/tech/16520/google-drive-flaw-lets-hackers-easily-install-malware

World news – THAT – Google Drive Flaw Lets Hackers Easily Install Malware

Building on its expertise in the areas of digital, technologies and processes , CSS Engineering you in your most ambitious transformation projects and helps you bring out new ideas, new offers, new modes of collaboration, new ways of producing and selling.

CSS Engineering is involved in projects each customer as if it were his own. We believe a consulting company should be more than an advisor. We put ourselves in the place of our customers, to align we incentives to their goals, and collaborate to unlock the full potential their business. This establishes deep relationships and enjoyable.

Our services:

  1. Create professional websites
  2. Hosting high performance and unlimited
  3. Sale and video surveillance cameras installation
  4. Sale and Installation of security system and alarm
  5. E-Marketing

All our achievements here https://www.css-engineering.com/en/works/


Please enter your comment!
Please enter your name here