We use cookies to give you the best online experience. By using our website you agree to our use of cookies in accordance with our cookie policy.

croom new

Preferred Blog

Preferred has been serving the Tinley Park area since 1991, providing IT Support such as technical helpdesk support, computer support, and consulting to small and medium-sized businesses.

This Chrome Bug Could Affect Billions

This Chrome Bug Could Affect Billions

Data and cybersecurity is hard enough without vulnerabilities coming from one of your most utilized applications. That’s the scenario after a bug was found in some of today’s most popular Internet browsers putting billions of people’s data security at risk. Let’s take a brief look at the vulnerability and how you can ensure that it won’t be a problem for you or your company.

Chromium Bug Explained

Internet browsers such as Opera, Edge, and Chrome are built on top of Google’s open-source Chromium platform and therefore share a lot of the same code. Unfortunately, researchers found an exploitable vulnerability in the Chromium code that would allow hackers to bypass the Content Security Policy on websites, leaving them able to steal data or run malicious code. 

What is the Content Security Policy?

The Content Security Policy (CSP) is an Internet standard that was designed to eliminate certain types of cyberattacks. The policy provides access to website administrators to set the domains that an Internet browser sees as legitimate. An Internet browser with a CSP will block scripts that aren’t loaded into the policy’s parameters. Most websites on the Internet use CSP.

How Does the Hack Work?

In order to use the CSP vulnerability in the Chromium-based browser, the hacker first needs to gain access to a web server. There are several ways this can happen, but most commonly, they can use a brute-force attack--that is an attack where so many different iterations of login credentials are used that eventually the password is discovered--is used. Then the attacker alters the JavaScript to allow the nefarious cofe to work, bypassing the CSP completely.  So while it actually takes a successful hack to exploit the vulnerability, it is still extremely dangerous due to the amount of trust people have in, what claim to be, secure websites.

What You Can Do to Ensure Your Browser is Secure

This is a great example of how even the most trusted software could have long-standing security vulnerabilities. The Chrome browser, which reached 5 billion downloads in 2019, carried this vulnerability for over a year. Since being discovered, however, the issue has been patched. As a result, users of Chrome, Microsoft’s Edge, Opera, and Vivaldi will definitely want to update to developers’ newest versions to ensure your browser doesn’t carry this very dangerous vulnerability. 

Staying safe online requires your browser to be updated and patched. If you need help ensuring your business is running patched and up-to-date software, contact the security professionals at Preferred today at 708-781-7110.

Tip of the Week: Two Kinds of Best Practices for R...
Four Questions You Need to Ask Yourself About Your...
 

Comments

No comments made yet. Be the first to submit a comment
Guest
Already Registered? Login Here
Guest
Friday, November 22 2024

Captcha Image

Sign Up for Our Newsletter

  • First Name *
  • Last Name *

      Mobile? Grab this Article!

      Qr Code

      Blog Archive

      Latest Blog Entry

      Businesses of every size need to prioritize their security. This fact has not changed and will not change anytime soon. What has changed, however, are the recommended ways to approach this security. Today, we wanted to review the history of today’s predominant cybersecurity ...

      Latest News

      Best Places to Work - 5 YEARS STRONG!!

      Preferred is once again, honored for being a Best Place to Work for the fifth straight year!  Our team is what makes Preferred a Best Place to Work.  

      Daily Herald Suburban Business 2024 Best Places to Work Honorees The Daily Herald Suburban Business has announced the names of 51 companies, in 5 categories of competition, that are honored as the 2024 Best Places to Work in Illinois. This statewide survey and awards program was designed to identify, recognize and honor the best places of employment in Illinois, benefiting the state's economy, its workforce and businesses.