Microsoft fixes Windows 10 UWP bug that could steal your data without you knowing -TEISS® : Cracking Cyber Security



News / Microsoft fixes Windows 10 UWP bug that could steal your data without you knowing














Microsoft has quietly fixed a bug in the on-hold Windows 10 October 2018 Update that in earlier versions wasn’t telling users when apps requested permission to access all of a user’s files.

The bug in the Windows ‘broadFileSystemAccess’ API could have given a malicious developer of Universal Windows Platform (UWP) apps access to all of a user’s documents, photos, downloads, and files stored in OneDrive.

The issue was spotted by .NET developer Sébastien Lachance who built an enterprise app that was suddenly broken in the Windows 10 October 2018 Update, aka 1809, the version currently on hold as Microsoft finalizes testing its fix for the data-loss bug.


























Source link