A Key Microsoft OneDrive Feature Has a Worrying Security Flaw Which Could Expose User Data

A key Microsoft OneDrive feature has a worrying security flaw which could expose user data

You might want to pause uploading files using OneDrive through OAuth until Microsoft releases a fix.

A key Microsoft OneDrive feature has a worrying security flaw which could expose user data - WorldNL Magazine

(Image credit: Shutterstock - monticello) Researchers found a flaw in Microsoft OneDrive File PickerThe flaw stems in the lack of fine-grained OAuth permissionsMicrosoft acknowledges the flaw, but hasn't fixed it yetA vulnerability in Microsoft’s OneDrive File Picker has been found which could allow threat actors to access people’s entire cloud archives, experts have warned.Security researchers Oasis discovered the flaw and reported it to Micro…

Techrights — Links 29/05/2025: YouTube Problem and Giant Privacy Hole in Microsoft OneDrive

Links for the day

OneDrive File Picker Flaw Gives Apps Full Access to User Drives - Millions At Risk

Oasis Security finds Microsoft OneDrive File Picker grants apps full drive access, exposing millions of users to data risks through broad permissions.

Oasis Security warns of excessive OneDrive File Picker permissions exposing entire drives - SiliconANGLE

A new report out today from identity management startup Oasis Security Ltd. reveals critical security issues in Microsoft Corp.’s OneDrive File Picker, a widely used component that could expose users’ entire OneDrive content to third-party web applications. The flaws, which affect numerous services, including ChatGPT, Slack, Trello and others, arise from excessive permissions granted through OAuth protocols and […] The post Oasis Security warns …