News

OneDrive File Picker flaw grants full drive access when users share a single file
Microsoft is being extremely careless with security boundaries in OneDrive. A recent Oasis Security analysis revealed that ...
CSO Online6d
If you use OneDrive to upload files to ChatGPT or Zoom, don’t
Users could potentially allow access to the entire drive because of the way Microsoft implements OAuth in OneDrive File ...
CPO Magazine1d
Security Flaw in Microsoft OneDrive File Picker Could Give Apps Full Cloud Storage Access
Researchers found a security flaw in OneDrive File Picker that grants apps access to any and all files in the account when ...
The Hacker News5d
Microsoft OneDrive File Picker Flaw Grants Apps Full Cloud Access — Even When Uploading Just One File
Cybersecurity researchers have discovered a security flaw in Microsoft's OneDrive File Picker that, if successfully exploited ...
PCMag on MSN4d
This OneDrive Flaw Might Share Your Entire Drive With ChatGPT, Slack, More
Vague language in OneDrive's File Picker suggests people are only sharing access to one file when 'excessive permissions' are ...
SecurityWeek6d
OneDrive Gives Web Apps Full Read Access to All Files
Excessive permissions and ambiguous consent statements may provide web apps uploading files to OneDrive with read access to ...
TechRadar6d
A key Microsoft OneDrive feature has a worrying security flaw which could expose user data
Researchers found a flaw in Microsoft OneDrive File Picker The flaw stems in the lack of fine-grained OAuth permissions Microsoft acknowledges the flaw, but hasn't fixed it yet A vulnerability in ...
Oasis Security warns of excessive OneDrive File Picker permissions exposing entire drives
A new report out today from identity management startup Oasis Security Ltd. reveals critical security issues in Microsoft Corp.’s OneDrive File Picker, a widely used component that could expose users’ ...