Microsoft fixes major OneDrive for Android vulnerability

by Vlad Turiceanu
Vlad Turiceanu
Vlad Turiceanu
Passionate about technology, Windows, and everything that has a power button, he spent most of his time developing new skills and learning more about the tech world. Coming... read more
Affiliate Disclosure
cve fixed

The first set of security updates for 2020 was recently released to the general public. These are called the January Patch Tuesday updates, and they bring several new features and an entire host of security updates for Windows 10.

One good example of a fixed issue is where a OneDrive for Android vulnerability that could allow passcode or fingerprint bypass got fixed.

The official notes on the CVE’s website state that:

A security feature bypass vulnerability exists in Microsoft OneDrive App for Android. This could allow an attacker to bypass the passcode or fingerprint requirements of the App.
The security update addresses the vulnerability by correcting the way Microsoft OneDrive App for Android handles sharing links.

Due to this vulnerability, an attacker could get through the OneDrive App’s basic security functions and get full access to all of the data there.

Microsoft patched up this issue by adjusting these security functions and the way they work. Additionally, they changed the way the OneDrive App handles sharing links and how users can manipulate them.

This is just one of the many issues fixed by Microsoft in the latest Patch Tuesday updates, as over 50 other bugs and issues were fixed, some of which involved the Windows Search Indexer.


This article covers:Topics: