Welcome to HBH! If you have tried to register and didn't get a verification email, please using the following link to resend the verification email.

Chrome extensions crocked with simple attack


Chrome extensions crocked with simple attack

Security-enhancer HTTPS Everywhere switched off with this one weird trick

Detectify researcher Mathias Karlsson says attackers can remove Google Chrome extensions, including the popular HTTPS Everywhere extension, if users do nothing else but visit a web page.

Karlsson (@avlidienbrunn) says the vulnerability patched and pushed into the latest stable edition of Chrome allows users to be targeted without requiring intervention.

After some hours of analysis I managed to disable it (HTTPS Everywhere) by just viewing a HTML page, Karlsson says.

In fact, I managed to disable any extension and most without any user interaction.

Karlsson published a proof-of-concept attack that will disable HTTPS Everywhere by corrupting it.

The flaw does not reside in the extension and affects users who have not applied automatic Chrome updates. Extensions are corrupted when websites attempt to access the Chrome extension URI handler. A malicious link can be constructed to issue ping attribute requests triggering corruption when users click.

Google had previously blocked most chrome extension URI request but appeared to have missed the ping attribute.


Comments
Sorry but there are no comments to display