IT researchers have discovered a flaw in Google Drive's "manage files" feature that can open the door to malware infection.
According to one system administrator, a hacker could "update" a file to a newer version that contains a malicious program. The Google Drive system apparently does not verify that the updated version contains the same file type or extension. The unsuspecting user, thinking he or she is grabbing an update to an existing document, is actually installing malware onto their computer.
Although this type of attack can only target those workers who routinely share documents on Google Drive, those numbers are steadily increasing as more people are working remotely.
Researchers have informed Google about this flaw, but no patch has yet been released. Users can protect themselves by using antivirus software and remaining cautious when retrieving updated files on Google drive, particularly when they are not expected. Jon Fingas "Google Drive flaw may let attackers fool you into installing malware" www.engadget.com (Aug. 22, 2020).