Google publishes exploit code threatening millions of Chromium users
Google said the code could let attackers turn thousands of browsers into limited proxy bots, while the flaw remained unpatched for 29 months.
7 Articles
7 Articles
Ars Technica
slashdot.orgGoogle publishes exploit code threatening millions of Chromium users
Google on Wednesday published exploit code for an unfixed vulnerability in its Chromium browser codebase that threatens millions of people using Chrome, Microsoft Edge, and virtually all other Chromium-based browsers. The proof-of-concept code exploits the Browser Fetch programming interface, a standard that allows long videos and other large files to be downloaded in the background. An attacker can use the exploit to create a connection for mon…
Google has recently erroneously disclosed an operating code for a major security flaw affecting the Chromium engine. This technical flaw, which has persisted for more than two years without patch, allows malicious sites to integrate devices into a botnet via the download interface in the background. Browsers such as Chrome and Microsoft Edge are particularly exposed, as the connection can remain active even after a restart of the operating syste…
A Chromium fault has been sleeping without fixes for twenty-nine months. Google just released the operating code on Wednesday, but there are no patches. Millions of users of Chrome, Microsoft Edge and other Chromium browsers are exposed.
Your browser could already be part of a botnet thanks to this dangerous Chrome flaw
TL;DR A recently disclosed Chromium vulnerability could allow malicious websites to silently hijack browsers like Chrome and Edge without downloads, pop-ups, or user interaction. The exploit abuses Browser Fetch, a feature meant for background downloads to keep persistent connections alive, potentially turning browsers into lightweight botnets for proxying traffic or DDoS attacks. Security researcher Lyra Rebane reported the flaw to Google in 2…
On Wednesday morning, the Mountain View firm totally published on its own bug tracker Chromium the operating code of a fault... which is still uncorrected! And not a little forgotten vulnerability in a corner, eh, but a real death flaw that kills that independent researcher Lyra Rebane had raised them nicely and privately. It's been 29 months (two and a half years, the maths ^^) and she's still waiting for a patch! The thing is aimed at the Brow…
Coverage Details
Bias Distribution
- 100% of the sources are Center
Factuality
To view factuality data please Upgrade to Premium
