Users on Windows PC and Mac are potentially vulnerable because of a flaw found in the EdgeRover app from Western Digital. There is a bug in the app that could open the platforms to DoS attacks and put sensitive information at risk.
Western Digital has published a report confirming the issue, but unfortunately the company does not go into detail on the specifics. What we do know is the risks and that updating to EdgeRover version 1.5.1-594 will mitigate the vulnerability:
“EdgeRover was vulnerable to a directory traversal vulnerability that allowed an attacker to carry out a local privilege escalation and escape basic file-system sandboxing. These vulnerabilities when successfully exploited could lead to disclosure of sensitive information or denial-of-service.”
The problem was first discovered by security researcher Xavier Danest (via BleepingComputer), who disclosed the issue to Western Digital.
While the company has solved the issue with an update, the usual issues with some users simply not updating means many will remain at risk. WD has not said how many customers it thinks have been affected by the problem.
It is worth noting the company recently found itself on the end of a major problem that resulted in 6.5 exabyters (6.5 billion GB) or memory simply ceasing to exist. A contamination at a Western Digital plant resulted in that huge memory loss. This happened amid an already alarming global shortage of memory/PC components.
Western Digital remains one of the leaders in the memory space despite recent issues. The company has taken swift action against the EdgeRover flaw and it is now up to users to install the relevant update to patch their app.
Tip of the day: Do you get flooded by notifications from apps and want to disable them completely or just the notification sound? Our tutorial shows you how to do this. As an alternative, you can also configure Windows Focus Assist (Do Not Disturb Mode) and set quiet hours.