Search What's Hot and What's Not:

Monday, February 2, 2009

Clickjacking vulnerability in Chrome discovered

Anyone who uses Chrome should be aware that an interesting and potentially dangerous vulnerability has been discovered. In the most current version of the browser, it is possible for someone to be fooled into viewing a site or submitting data to a page using a method known as clickjacking. As the links can be disguised, it can be difficult to tell when it is occurring. An example is a link that will appear normal in the browser, including the URL preview pane, but then redirect the user to a different page.

A proof of concept page was put up for demonstration. Google has confirmed that it is already working on a fix for the flaw, but until that arrives, it’s easy to see how this can be abused with dummy pages setup to look like the real thing. Upon redirection, people may not pay attention to what shows up in the address bar, and give away information they shouldn't.


Social Bookmarking

No comments:

Blog Disclaimer

Today's Latest and Hot Stuff is a personal blog that aims to share online information about latest and in demand technology. This blog is a collaborative effort of individuals who are currently registered members of other online community sites. Today's Latest and Hot Stuff does not claim any form of ownership or copyright in the materials found in this blog. Most of the contents featured in this blog come from other sites. The said materials are owned by those sites where these resources are posted.