Search
Close this search box.
Search
Close this search box.

Beware! 2.5 Billion Google Chrome Users are at Risk

Chrome Users Under Risk

Google Chrome is a web browser that is used by billions of people all over the world. Imperva Red, a cyber security company, found a security flaw in Google Chrome and Chromium-based browsers. This puts the data of more than 2.5 billion users at risk.

This flaw, which the company calls CVE-2022-3656, made it possible for sensitive files, like crypto wallets and cloud provider credentials, to be stolen.

Read More: Google Cloud AI Tools for Retailers

“The vulnerability was found through a review of how the browser interacts with the file system. Specifically, the review looked for common flaws in how browsers handle symlinks,” the blog says.

What is a Symlink?

A symbolic link, or symlink, is what Imperva Red calls a file that points to another file or directory. It tells the operating system that the linked file or directory should be treated as if it were at the location of the symlink. It says that a symlink can be used to make shortcuts, change the path to a file, or arrange files in a more flexible way.

But if these links are not handled properly, they can also be used to open security holes.

In the case of Google Chrome, the problem was caused by how the browser handled symlinks when it worked with files and directories. In particular, the browser didn’t check if the symlink pointing to a place that wasn’t meant to be accessible. This made it possible for sensitive files to be stolen, as explained in the blog post.

How Symlinks Affected Google Chrome?

The company says that an attacker could make a fake website that offers a new crypto wallet service. This is how the vulnerability affected Google Chrome. The website could then trick the user into making a new wallet by asking them to download their “recovery” keys.

Read Also: OpenAI Working on Paid Pro ChatGPT Version

These keys would actually be a zip file that contained a symlink to a private file or folder on the user’s computer, such as a cloud provider password. “When the user unzips and submits the “recovery” keys back to the website, the symlink is processed, and the attacker has access to the sensitive file,” the researchers write. blog says.

What should Chrome Users do?

Imperva Red says it told Google about the security hole, and the problem was fixed in Chrome 108. Users should always keep their software up to date to protect themselves from these kinds of weaknesses.


Subscribe to Our Newsletter

Related Articles

Top Trending

April 25 Zodiac
April 25 Zodiac: Insights on Love, Relationships, and Career Success
self-control is strength. calmness is mastery. you - tymoff
Self-Control Is Strength, Calmness is Mastery, You — Tymoff
big booty tech nerd
The Sensational and Controversial World of Big Booty Tech Nerds
Can Tonsils Grow Back After Being Removed? - Tymoff
Can Tonsils Grow Back After Being Removed? - Tymoff
3.6% Inflation Shortfall in Australia
3.6% Inflation Shortfall in Australia: Rate Cuts on Hold as Prices Remain Hot 

LIFESTYLE

Most Expensive Handbags for Women in the World
Elegance Redefined: 10 Most Expensive Handbags for Women in the World
Gift Ideas for Men
10 Thoughtful and Unique Gift Ideas for Men Who Have Everything
pohela boishakh 2024
Pohela Boishakh: Celebrating Bengali Culture and Heritage Festivities
Korean Beauty Secrets
10 Korean Beauty Secrets for Youthful Energy: Stay Young & Vibrant
Ancient Philosophers Guide to Happiness
Unlocking Happiness: Timeless Lessons from Ancient Philosophers

Entertainment

taylin gallacher
Biography, Life, Relationship and Career of Taylin Gallacher in 2024
Kim Kardashian Response to Taylor Swift
Kim Kardashian's Three-Word Response to Taylor Swift's Diss Track Reignites Feud
Netflix What Jennifer Did AI Controversy
AI Controversy Surrounds Netflix's True Crime Doc 'What Jennifer Did'
Kellie Pickler's Emotional Stage Comeback
Kellie Pickler's Emotional Stage Comeback After Husband's Passing
north koreans animate amazon hbo max shows
North Koreans Reportedly Helped Animate Amazon, HBO Max Shows

GAMING

F95zone
How to Get Started on F95zone and Increase Community Interaction in 2024 [Gamer's Guide]
Haligdrake Talisman
How to Obtain Haligdrake Talisman Locations in Elden Ring [Gamer's Guide]
enjoy4fun
Discover a World of Exciting Gaming in Enjoy4fun [How to Guide]
5 Tips for Signing Up to a Trustly Casino
5 Tips for Signing Up to a Trustly Casino
Online Poker Trends for 2024
Online Poker Trends for 2024

BUSINESS

3.6% Inflation Shortfall in Australia
3.6% Inflation Shortfall in Australia: Rate Cuts on Hold as Prices Remain Hot 
top plastic packaging manufacturer
Which Plastic Packaging Manufacturer Will Be a Good Choice
Analysts Chase Top Delivery Stock
Analysts Scramble to Keep Pace with Leading Delivery Stock
Tesla Hacked
Tesla Disbands New Marketing Team Just Months After Formation: Report
World Richest Families
Power and Wealth: Top 10 World's Richest Families in 2024

TECHNOLOGY

the emergence of india as a global hub for software development
The Emergence of India As a Global Hub for Software Development and IT Services
xiaomi su7 sedan 70000 first month orders
Xiaomi's EV Debut: SU7 Sedan Hits 70K Orders in First Month!
myliberla
What Are the Impact of MyLiberla on Personal Empowerment and Productivity
UiPath Launches Data Centers in Pune and Chennai
UiPath Boosts Presence in India: Launches Data Centers in Pune & Chennai
Oracle moves headquarters to nashville
Oracle CEO Larry Ellison Announces Headquarters Move to Nashville

HEALTH

Can Tonsils Grow Back After Being Removed? - Tymoff
Can Tonsils Grow Back After Being Removed? - Tymoff
impact of emotional trauma on chronic pain
Who is Most Affected by Emotional Trauma-Induced Chronic Pain?
Intermittent Fasting
Unlocking the Power of Intermittent Fasting: Expert Tips Revealed
disease x
Disease X: Scientists Predict Virus Could Spark Next Global Pandemic
A Comprehensive Experience with Dr. Aravind Bhateja
A Comprehensive Experience at Sparsh Hospital in Bangalore with Dr. Aravind Bhateja