27 October 18, 17:36
(This post was last modified: 27 October 18, 17:37 by silversurfer.)
Quote:Microsoft says apps published on the Microsoft Store, many of them UWP (Universal Windows Platform) apps, are the most secure choice as all of them are protected against malware and threats that typically target Win32 software.
Technically, Microsoft allows UWP apps running in a sandbox to access the rest of the files stored on the hard-drive with the broadFileSystemAccess API.
This is required because there are UWP apps that need to store files on the local drives, load documents, and other operations with data on the PC. The API implementation, however, includes a warning that is displayed when the apps require access to files, so users can block them if they think it could be malware.
But as it turns out, this warning is flawed and may be blocked from showing up, as revealed by Windows developer Sebastien Lachance. In an analysis of the bug, the developer explains that the prompt could be bypassed by hackers, obtaining access to the locally-stored data without letting users know about it.
Source: https://news.softpedia.com/news/windows-...3469.shtml