Information Security Professionals Find Critical Vulnerability in Google Chrome

Recently, Google reported High risk vulnerabilities found by Information Security Professionals. Patch released addresses 11 vulnerabilities out of which, one is critical, while 5 others are rated high. Many websites, especially Windows hosted sites, use the vulnerabilities to accept Google Grants programs. Google Chrome is used as an example of web browsers being service end-points. Google Chrome uses a specific build of the Google Toolbar, which carries a unique user ID, generated copy of the user’s URL, and authenticator string.

Google recommends users upgrading to the latest Google Toolbar version. Users accessing Windows XP or Vista, using Google Chrome version 26 or higher, will automatically be affected by the vulnerabilities.

The vulnerabilities are:

Critical: HTTPS web server, which is not verifying the signature of the web server certificate, could lead to information disclosure

Common: Directory Services, which does not validate user permission on the shared web server, could lead to information disclosure

High: Ripemdity, a low-privilege application, could allow someone to upload content to a legitimate web server and gain access to the server

Question: How Users can protect themselves from vulnerabilities?

Google Chrome users can protect themselves from these vulnerabilities by being careful while using the internet. There are several methods which could help you prevent such attacks.

Always keep your software updated. Check for new version of web browser and download it immediately.

Use the latest version of antivirus and all other anti-malware software.

Configure your firewall to filter only those programs that are intended to go through your network.

Change the file and folder permissions.

Make sure that the system account restrictions do not apply to you.

Use a stronger password.

Use a different web browser.

version=”1.0″ encoding=”iso8859-1″ standalone=”no”?

Google Chrome is a web browser that can automatically run in day light and can provide you a private browsing space. It has a built-in capability called Incognito mode that ensures complete security of your private information.

In order to enable Incognito mode, please visit:https://www.google.com/iso/support/incognito.html

There are some browser that has been identified as not having the necessary tools to enable this feature. Among them is Mozilla Firefox, Microsoft Explorer, and Opera. Please check if your preferred browser has the Incognito mode capabilities.

What is Malware?

A computer worm is a self-replicating computer program or script that uses a network to send copies of itself to other computers on the same network. It uses a special protocol to do this.

Web pages that perform malicious actions, such as installing spyware, are delivered to your system through a web server. Your computer receives the web page and opens it, then the malicious scripts inside the pages can affect your computer as well.

Automatic Update feature is provided by your web browser automatically. Please check your browser’s help menu and configuration page for features related to automatic updates.

If you have been infected please run your existing anti-spyware/anti-adware program and do a full system scan. Also you can download one of the tools from my website to remove the infections automatically and successfully.

Leave a Reply