Google’s patches for Quick Share for Windows vulnerabilities leading to remote code execution were incomplete and could be easily bypassed.

Users who click on links are taken to ready-to-use phishing websites that collect personal information and credit card details.