1. Forum
  2. tqwNet
  3. TQW_GENTECH

  • Western Digital desktop app exposes Windows and macOS users to at

    From TechnologyDaily@1337:1/100 to All on Mon Mar 21 15:15:04 2022
    Western Digital desktop app exposes Windows and macOS users to attack

    Date:
    Mon, 21 Mar 2022 14:58:33 +0000

    Description:
    The company urges all users to update the app to the newest version, immediately

    FULL STORY ======================================================================

    Western Digitals proprietary file explorer EdgeRover, has received a patch that addresses a critical security vulnerability.

    The fixed flaw, tracked as CVE-2022-22998, is a directory traversal bug,
    which essentially means - people were allowed to access restricted files. Discovered by cybersecurity researcher Xavier Danest, its been given a severity score of 9.1.

    The good news is that the endpoint already needs to be compromised, if this vulnerability is to be abused.In a published advisory, the company said very little about the flaw itself, other than if successfully exploited, could
    lead to the disclosure of sensitive information or denial-of-service. TechRadar needs you!

    We're looking at how our readers use VPNs with different devices so we can improve our content and offer better advice. This survey shouldn't take more than 60 seconds of your time, and entrants from the UK and US will have the chance to enter a draw for a 100 Amazon gift card (or equivalent in USD). Thank you for taking part.

    Click here to start the survey in a new window << A patch is available

    All EdgeRover users are advised to update their endpoints to version 1.5.1.-594, or newer. The fix corrects both file and directory permissions.

    Western Digital did not say if the vulnerability was abused in the wild through viruses or malware . Its even difficult to say how many people use EdgeRover, but given the overall popularity of Western Digital, as a brand, its safe to assume that some people could be vulnerable.

    EdgeRover is a personal content management application, for Western Digital and SanDisk hardware, promising simplicity, usability, as well as advanced features such as powerful search, categorization, the detection of duplicate files, and similar.

    The application is available for both Windows and Mac OS. Read more

    Western Digital warns owners of My Cloud hard drives to update immediately


    Has Western Digital just unveiled the future of the hard drive?


    Western Digital unveils new SanDisk professional line-up

    Just like any other hardware manufacturer out there, Western Digital is no stranger to vulnerabilities. Late last year, it warned owners of the My Cloud NAS devices to update to the latest firmware immediately, as the older versions were being terminated due to an increasing number of attacks.

    My Cloud OS 5 is a major and fundamental security release that provides an architectural revamp of our older My Cloud firmware and adds new defenses to thwart common classes of attacks, WD explained back then. Keep your organization safe with these best ransomware protection services

    Via: BleepingComputer



    ======================================================================
    Link to news story: https://www.techradar.com/news/western-digital-desktop-app-exposes-windows-and -macos-users-to-attack/


    --- Mystic BBS v1.12 A47 (Linux/64)
    * Origin: tqwNet Technology News (1337:1/100)