Home / os / winnt

Microsoft OneDrive 19.232.1124.0010 DLL Hijacking

Posted on 10 July 2020

A file hijacking vulnerability was found in the Microsoft OneDrive client. This vulnerability allows a local attacker to plant a DLL file on the local machine. This DLL will then be loaded whenever (another) user launches OneDrive, running with the privileges of the victim. This issue was successfully verified on Microsoft OneDrive version 19.232.1124.0010.

 

TOP