A newly-discovered security flaw in OneDrive's File Picker feature could expose users’ entire OneDrive content to third-party web applications such as ChatGPT.
The vulnerability, discovered by Oasis Security, allows websites to access a user’s entire OneDrive content, rather than just the specific files selected for upload via the File Picker feature.
Researchers said they believe that hundreds of apps are affected, including ChatGPT, Slack, Trello, and ClickUp – meaning millions of users may already have fallen victim.
The study warned this could lead to serious consequences, including customer data leakage and violation of compliance regulations.
"The official OneDrive File Picker implementation requests read access to the entire drive – even when uploading just a single file – due to the lack of fine-grained OAuth scopes for OneDrive," the researchers warned.
"While users are prompted to provide consent before completing an upload, the prompt’s vague and unclear language does not communicate the level of access being granted, leaving users open to unexpected security risks."
This, they said, makes it impossible for users to distinguish between malicious apps that target all files and legitimate apps that ask for extensive permissions simply because there is no other secure option.
Meanwhile, researchers found sensitive secrets used for this access are often stored insecurely by default.
The latest version of OneDrive File Picker - 8.0 - requires developers to handle authentication themselves, typically using the Microsoft Authentication Library (MSAL) and most likely using the Authorization Flow.
However, MSAL stores sensitive tokens in the browser’s session storage in plain text, while with Authorization Flows a Refresh Token may also be issued, lengthening ongoing access to the user's data.
Notably, OpenAI uses version 8.0 - meaning that ChatGPT could have full read access to users' entire OneDrive.
How to approach the OneDrive File Picker flaw
Organizations should navigate to the list of enterprise applications in the Entra Admin Center, Oasis advised, and check the permissions granted to each app.
In the case of web apps, if possible they should temporarily remove the option to upload files using OneDrive through OAuth until Microsoft provides a secure alternative.
"Many people forget how vital the data in their OneDrive folders often is – scanned documents that end up in the 'My Pictures' or 'My Documents' folders may hold the key to one’s credit identity and profile," cautioned Jamie Boote, associate principal consultant at Black Duck.
"Private medical or banking records may get shuffled in and forgotten about, and private photos that were taken by accident synced from your phone to your computer can all silently file into your OneDrive-enabled folders. Whenever an app asks if you trust it, you’re trusting it with your most precious data."
Oasis said it had reported the flaw to Microsoft and advised vendors using OneDrive File Picker of the issue. Microsoft, it said, is considering tighter alignment between what OneDrive File Picker does and the access it requires.
MORE FROM ITPRO
-
UK SMBs are ramping up cybersecurity spending – and it’s about timeNews While small businesses are aiming to bolster their cyber defences, they're wary of AI
-
Java celebrates its 30th birthday and more Microsoft developer layoffsITPro Podcast Is AI coming for everyone's job now? Plus Dragonforce emerges as the tool behind UK retail attacks
-
Microsoft ramps up zero trust capabilities amid agentic AI pushNews The move from Microsoft looks to bolster agent security and prevent misuse
-
So long, Defender VPN: Microsoft is scrapping the free-to-use privacy tool over low uptakeNews Defender VPN, Microsoft's free virtual private network, is set for the scrapheap, so you might want to think about alternative services.
-
Hackers are on a huge Microsoft 365 password spraying spree – here’s what you need to knowNews A botnet made up of 130,000 compromised devices has been conducting a huge password spraying campaign targeting Microsoft 365 accounts.
-
Everything you need to know about the Microsoft Power Pages vulnerabilityNews A severe Microsoft Power Pages vulnerability has been fixed after cyber criminals were found to have been exploiting unpatched systems in the wild.
-
Microsoft is increasing payouts for its Copilot bug bounty programNews Microsoft has expanded the bug bounty program for its Copilot lineup, boosting payouts and adding coverage of WhatsApp and Telegram tools.
-
Hackers are using this new phishing technique to bypass MFANews Microsoft has warned that a threat group known as Storm-2372 has altered its tactics using a specific ‘device code phishing’ technique to bypass MFA and steal access tokens.
-
A new phishing campaign is exploiting Microsoft’s legacy ADFS identity solution to steal credentials and bypass MFANews Researchers at Abnormal Security have warned of a new phishing campaign targeting Microsoft's Active Directory Federation Services (ADFS) secure access system.
-
Hackers are using Microsoft Teams to conduct “email bombing” attacksNews Experts told ITPro that tactics like this are on the rise, and employees must be trained effectively
