Google Released Second Fix for Quick Share Flaws After Patch Bypass

The patches Google rolled out last year to address vulnerabilities in the Quick Share data transfer utility that could lead to remote code execution (RCE) were incomplete and could easily be bypassed, cybersecurity firm SafeBreach says.

Quick Share was initially developed for Android only, but was later released on Windows and Chrome as well, allowing users to share files with compatible devices nearby over Bluetooth, Wi-Fi, NFC, and other protocols.

In August last year, Safebreach shared details on 10 flaws in Quick Share for Windows that could allow attackers to write files to a target device without a user’s approval, cause crashes, redirect traffic, and perform other malicious actions.

Read more.