A Google Chrome developer recently discovered a high-severity vulnerability in Microsoft’s Edge browser that allowed an attacker to read sensitive data in other tabs, including websites that required users to authenticate themselves.

A Google Chrome developer recently discovered a high-severity vulnerability in Microsoft’s Edge browser that allowed an attacker to read sensitive data in other tabs, including websites that required users to authenticate themselves.

 

According to Jake Archibald, the developer who discovered the vulnerability, an attacker could exploit the flaw to retrieve sensitive content from other tabs on the Edge browser, thereby gaining the ability to read emails and Facebook feed and to access online banking websites.

 

The said vulnerability was found to affect only Microsoft Edge and Firefox browsers but both Microsoft and Mozilla have since released patches to fix the vulnerability and to ensure the sanctity of sensitive user information.

 

 

Normally, when a browser makes a request for multimedia content from another domain, the content is fetched completely via the “range” parameter. However, when a browser requests for audio tags, a malicious website can fetch some of the content via the “range” parameter while loading the rest of the content inside the “audio” tag.

 

By loading content inside the audio tag, Archibald said that a malicious website can avoid being analysed by CORS (Cross-Origin Resource Sharing), a defence mechanism in browsers that prevents websites from accessing content in other websites. This way, an attacker can silently retrieve information from other browser tabs without alerting the user.  

 

“I’ve covered two browser security issues here, but these bugs started when browsers implemented range requests for media elements, which wasn’t covered by the standard. These range requests were genuinely useful, so all browsers did it by copying each others behaviour, but no one integrated it into the standard. The result is the browsers all behave slightly differently, and some ended up with security issues,” said Archibald.

 

This article originally appeared at scmagazineuk.com



Source link

NO COMMENTS

LEAVE A REPLY