There is a security vulnerability in the drive cloud storage that attackers could use to spread malware. The security expert who discovered the vulnerability has already reported it to Google.
So far, the vulnerability has not been fixed by Google, as they were able to find out in a short test. The problem lies in the feature available for every file uploaded to Google Drive. Google automatically checks each file the first time it is uploaded. However, if the content of the file is changed to manage versions, this check is obviously not carried out.
Actually, the manage version function in Google Drive is used to update the uploaded files, for example if their content has changed, so that you or the person with whom you shared the link to the file always have a current or receives updated version of the file. However, Google has not yet checked whether it is actually just an update of the previously existing file or whether it’s entire content, including the file type.
Advanced users should notice if a file is suddenly downloaded instead of the desired document. Windows also warns against installing an executable file. But if you click away such warnings quickly, you could inadvertently catch malware. So far, there is no evidence that this method is being exploited by attackers. To make matters worse, the browser classifies all downloads from Google Drive as trustworthy.
Antivirus Software Should Be Used On The Computer
The best way to protect yourself against these and similar attacks is to carefully read all notices from the browser and operating system before confirming them. When downloading from Google Drive, you should take a closer look at the file name and not rely solely on the information displayed by Google Drive in the preview. In addition, antivirus software should be used on the computer and kept up to date.
