![]() “An attacker could embed a malicious iframe in a website with a crafted URL () that would launch the TeamViewer Windows desktop client and force it to open a remote SMB share,” according to an advisory by Jeffrey Hofmann, security engineer at Praetorian, who disclosed the flaw. In this specific case, values are not “quoted” by the app – meaning that TeamViewer will treat them as commands rather than as input values. But because handler applications can receive data from untrusted sources, the URI values passed to the application may contain malicious data that attempts to exploit the app. Apps need to identify the URIs for the websites they will handle. The recently discovered flaw stems from the Desktop for Windows app (CVE-2020-13699) not properly quoting its custom uniform resource identifier (URI) handlers. TeamViewer is a proprietary software application used by businesses for remote-control functionalities, desktop sharing, online meetings, web conferencing and file transfer between computers. ![]() There is no need to keep it even on your. ![]() Then, it will activate immediately and perform its task. All you need to do is download this lightweight program for free. ![]() Instead, given that the Photo Viewer is already present, the tool only helps you find it and set it up as default. If exploited, the flaw could allow remote, unauthenticated attackers to execute code on users’ systems or crack their TeamViewer passwords. The Restore tool doesnt install Windows Photo Viewer on your PC. png, etc) to my favourite image viewer (ToyViewer) from the standard default app (Preview). Popular remote-support software TeamViewer has patched a high-severity flaw in its desktop app for Windows. Since upgrading to OS X Yosemite, Ive repeatedly had to reset the default app for opening image files (.jpg. ![]()
0 Comments
Leave a Reply. |
Details
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |