

Ethical Hacking News

New Vulnerabilities Exposed: Google's Quick Share Data Transfer Utility Under Attack


New vulnerabilities have been discovered in Google's Quick Share data transfer utility for Windows, exposing users to denial-of-service attacks and to file transfers made without their consent. These vulnerabilities have significant implications for users and organizations that rely on the utility, and they highlight the importance of regular security updates and monitoring.

  • Google's Quick Share data transfer utility for Windows has been exposed to two new vulnerabilities, leaving users vulnerable to denial-of-service attacks and potential file transfers without consent.
  • The vulnerabilities, tracked as CVE-2024-10668 (CVSS score: 5.9), are a bypass for original shortcomings disclosed in August 2024 under the name QuickShell.
  • Two of the ten vulnerabilities, collectively tracked as CVE-2024-38271 (CVSS score: 7.1), were not fixed correctly, causing application crashes or unauthorized file transfers.
  • Organizations must ensure employees are aware of potential security risks associated with using file-sharing utilities and take steps to educate them on proper usage and safety precautions.
  • Companies must have robust incident response plans in place to quickly identify and respond to security breaches like this one.



    Two new vulnerabilities have recently been exposed in Google's popular Quick Share data transfer utility for Windows, leaving users vulnerable to denial-of-service attacks and potential file transfers without consent. Cybersecurity researchers have disclosed details of a new vulnerability in the Quick Share utility that could be exploited to achieve a denial-of-service (DoS) or to send arbitrary files to a target's device without their approval.

    The flaw, tracked as CVE-2024-10668 (CVSS score: 5.9), is a bypass for two of the original shortcomings disclosed by SafeBreach Labs in August 2024 under the name QuickShell. It has been addressed in Quick Share for Windows version 1.0.2002.2 following responsible disclosure in August 2024.

    The ten original vulnerabilities, collectively tracked as CVE-2024-38271 (CVSS score: 5.9) and CVE-2024-38272 (CVSS score: 7.1), could have been fashioned into an exploit chain to obtain arbitrary code execution on Windows hosts. Quick Share (previously Nearby Share) is a peer-to-peer file-sharing utility similar to Apple AirDrop that allows users to transfer files, photos, videos, and other documents between Android devices, Chromebooks, and Windows desktops and laptops in close physical proximity.

    A follow-up analysis by the cybersecurity company found that two of the vulnerabilities were not fixed correctly: the application could once again be made to crash, and the requirement for a recipient to accept a file transfer request could once again be bypassed by transmitting a file directly to the device. Specifically, the DoS bug could be triggered by using a file name that starts with an invalid UTF-8 continuation byte (e.g., "\xc5\xff") instead of a file name that begins with a NULL terminator ("\x00").
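The difference between checking for the one reported input and validating the file name as a whole can be shown in a few lines. This is an added example, not Quick Share's code and not part of the original article; the function names, the 255-byte limit and the sample names are assumptions made for illustration.

```python
import unicodedata

MAX_NAME_BYTES = 255  # assumed limit for this example


def narrow_check(name: bytes) -> bool:
    """Symptom-level check: rejects only a name that begins with a NUL byte."""
    return not name.startswith(b"\x00")


def strict_check(name: bytes) -> bool:
    """Root-cause check: the name must be non-empty, well-formed UTF-8
    with no control characters anywhere in it."""
    if not name or len(name) > MAX_NAME_BYTES:
        return False
    try:
        text = name.decode("utf-8", errors="strict")
    except UnicodeDecodeError:
        return False
    return not any(unicodedata.category(ch) == "Cc" for ch in text)


# Constructed sample names; the second and third are the two cases the article mentions.
SAMPLES = {
    "plain": b"report.pdf",
    "nul_prefix": b"\x00report.pdf",
    "bad_utf8_prefix": b"\xc5\xffreport.pdf",
    "non_ascii": "r\u00e9sum\u00e9.docx".encode("utf-8"),
    "bad_utf8_tail": b"report\xff.pdf",
}


def evaluate() -> dict:
    """Return {label: (narrow_result, strict_result)} for every sample."""
    return {k: (narrow_check(v), strict_check(v)) for k, v in SAMPLES.items()}


if __name__ == "__main__":
    for label, (narrow, strict) in evaluate().items():
        print(f"{label:16} narrow={narrow!s:5} strict={strict}")
```

The narrow check accepts both malformed UTF-8 names, while the strict check rejects them and still accepts legitimate non-ASCII names.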

    On the other hand, the initial fix for the unauthorized file write vulnerability marked such transferred files as "unknown" and deleted them from the disk after the file transfer session was complete. However, this could be circumvented by sending two different files in the same session with the same "payload ID," causing the application to delete only one of them, leaving the other intact in the Downloads folder.
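The bookkeeping flaw described above can be modelled with a cleanup list keyed by payload ID beside one that tracks every written path. This is an added example, not Quick Share's code and not part of the original article; the class names, file names and payload ID value are hypothetical, and the model only illustrates why one file survives cleanup.

```python
import os
import tempfile


class CleanupByPayloadId:
    """Flawed model: one tracked path per payload ID, so a repeated ID
    silently replaces the earlier entry."""
    def __init__(self):
        self._unknown = {}

    def record(self, payload_id: int, path: str) -> None:
        self._unknown[payload_id] = path

    def tracked(self):
        return list(self._unknown.values())


class CleanupByPath:
    """Corrected model: every path written for an unapproved payload is tracked."""
    def __init__(self):
        self._unknown = []

    def record(self, payload_id: int, path: str) -> None:
        self._unknown.append(path)

    def tracked(self):
        return list(self._unknown)


def leftovers(tracker_cls) -> list:
    """Write two unapproved files under one payload ID, run end-of-session
    cleanup, and return the names still present in the download directory."""
    with tempfile.TemporaryDirectory() as downloads:
        tracker = tracker_cls()
        for name in ("first.bin", "second.bin"):   # constructed sample files
            path = os.path.join(downloads, name)
            with open(path, "wb") as fh:
                fh.write(b"sample")
            tracker.record(payload_id=1234, path=path)  # same ID both times
        for path in tracker.tracked():             # end-of-session cleanup
            os.remove(path)
        return sorted(os.listdir(downloads))
```

A useful regression test for a fix of this kind is the one `leftovers` performs: after the session ends, the download directory must contain no file that the recipient did not approve.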

    These vulnerabilities have significant implications for users and organizations that rely on Quick Share for file transfers. SafeBreach researcher Or Yair stated, "While this research is specific to the Quick Share utility, we believe the implications are relevant to the software industry as a whole and suggest that even when code is complex, vendors should always address the real root cause of vulnerabilities that they fix."

    The discovery of these new vulnerabilities highlights the importance of regular security updates and monitoring for vulnerable systems. Users who have not yet updated their Quick Share utility should take immediate action to patch this vulnerability by installing version 1.0.2002.2 or higher.

    In addition, organizations must ensure that all employees are aware of potential security risks associated with using file-sharing utilities and take steps to educate them on proper usage and safety precautions. Furthermore, companies must have robust incident response plans in place to quickly identify and respond to security breaches like this one.

    This news serves as a reminder to be vigilant about security updates and to prioritize proactive measures to prevent similar vulnerabilities from occurring in the future.





  • Published: Thu Apr 3 05:12:53 2025 by llama3.2 3B Q4_K_M












