Hit enter to search or ESC to close
New Delhi. Google Chrome is used worldwide. This web browser is popular all over the world. Meanwhile, information about security breach has come to the fore in the browser, due to which concern has increased among the users of the browser. In fact, a cyber security firm named Imperva Red has detected a flaw in Google Chrome and Chromium-based browsers, which is putting the data of more than 2.5 billion (250 crore) users at risk.
The firm says that a flaw in the browser allows the theft of sensitive files. According to the company, the flaw was discovered through a review of the way the browser interacts with the file system. Specifically, it allows data theft with the help of common flaws related to browser process symlinks.
What is symlink?Imperva Red defines a symlink or a symbolic link as a file. It points to another file. This allows the operating system to treat the file as linked. Using symlinks can be useful for creating shortcuts, redirecting file paths, or organizing files in a flexible way. However, if such a link is not handled properly, it can also be used to introduce vulnerabilities.
Also read- Now login without entering password on Google Chrome, work will be done instantly
symlink not checked properlyIn the case of Google Chrome, the problem arose with the way the browser interacted with symlinks when processing files and directories. In this case, the symlink did not properly check whether the symlink was pointing to a location that was not intended to be accessible, allowing theft of sensitive files.
How did symlinks affect Google Chrome?The firm says that the scammer could create a fake website, which offers a new crypto wallet service. As the website requests the user to download his ‘recovery’ key, during this time he can fraudulently create a new wallet.
This key will be a zip file containing a symlink to a sensitive file or folder on the user’s computer, such as the cloud provider’s credentials. When users unzips the recovery key and uploads it back to the website, the symlink will be processed and the scammer gains access to the sensitive file.
What should Chrome users do?Imperva Red says that it has informed Google about the flaw and that the problem has been fully resolved in Chrome 108. Users are being advised to always keep their software updated to avoid such vulnerabilities.
First read breaking news in Presswire18 News| Read today’s latest news, live news updates, most reliable News Website.
Tags: Google, google chrome, tech news, Tech news in hindi
FIRST PUBLISHED : January 15, 2023, 14:26 IST
new Delhi. The iPhone SE model i.e. iPhone SE 3 or iPhone SE 2022 is already out of stock on flipkart in the market. In such a situation, if you are thinking of buying...
New Delhi. Samsung has launched its flagship series Samsung Galaxy S23. Under this series, three smartphones Galaxy S23 Ultra, Galaxy S23 + and Galaxy S23 have been launched. The phones of this series have...
New Delhi.Xiaomi Recently Redmi Note 12 series has been launched by. After its launch, a reduction in the price of Redmi 11 Prime has been announced by Xiaomi. Let us know that the Redmi...