A new software flaw has been found that threatens popular Microsoft apps.
Threat: A flaw has been discovered in software framework Electron, which is used to build apps like Skype and companion apps for Slack, Basecamp and WordPress.
Damage risk: The flaw allows attackers to remotely execute malicious codes.
Exploited flaw: Apps that register themselves as default apps for handling custom protocol formats like myapp:// are vulnerable to hackers. The flaw is in Electron’s framework app.setAsDefaultProtocolClient API.
Fixes/Workarounds: Electron developers released an updated version of the framework, along with a quick workaround. Microsoft also added support for finding attempts to exploit the flaw on systems with Windows Defender.
Info: tinyurl.com/Electron216
