New Delhi. Google Chrome is used worldwide. This web browser is popular all over the world. Meanwhile, information about security breach has come to the fore in the browser, due to which concern has increased among the users of the browser. In fact, a cyber security firm named Imperva Red has detected a flaw in Google Chrome and Chromium-based browsers, which is putting the data of more than 2.5 billion (250 crore) users at risk.

The firm says that a flaw in the browser allows the theft of sensitive files. According to the company, the flaw was discovered through a review of the way the browser interacts with the file system. Specifically, it allows data theft with the help of common flaws related to browser process symlinks.

What is symlink?
Imperva Red defines a symlink or a symbolic link as a file. It points to another file. This allows the operating system to treat the file as linked. Using symlinks can be useful for creating shortcuts, redirecting file paths, or organizing files in a flexible way. However, if such a link is not handled properly, it can also be used to introduce vulnerabilities.

Also read- Now login without entering password on Google Chrome, work will be done instantly

symlink not checked properly
In the case of Google Chrome, the problem arose with the way the browser interacted with symlinks when processing files and directories. In this case, the symlink did not properly check whether the symlink was pointing to a location that was not intended to be accessible, allowing theft of sensitive files.

How did symlinks affect Google Chrome?
The firm says that the scammer could create a fake website, which offers a new crypto wallet service. As the website requests the user to download his ‘recovery’ key, during this time he can fraudulently create a new wallet.

This key will be a zip file containing a symlink to a sensitive file or folder on the user’s computer, such as the cloud provider’s credentials. When users unzips the recovery key and uploads it back to the website, the symlink will be processed and the scammer gains access to the sensitive file.

What should Chrome users do?
Imperva Red says that it has informed Google about the flaw and that the problem has been fully resolved in Chrome 108. Users are being advised to always keep their software updated to avoid such vulnerabilities.

First read breaking news in Presswire18 News| Read today’s latest news, live news updates, most reliable News Website.

Tags: Google, google chrome, tech news, Tech news in hindi