Google to Solve Chrome's HTML Vulnerability

Hackers could gain access to personal information using this vulnerability
17 August 2018

Google's developers have fixed a vulnerability in the Chrome browser through which cybercriminals could obtain secret information from other sites via audio and video HTML tags. Security researcher Ron Masas of Imperva identified the problem, tracked as CVE-2018-6177, and the fix was shipped in Chrome 68 in late July 2018.

According to the researcher, the attack requires malicious code that loads content from legitimate sites inside audio and video HTML tags. The attacker can then determine the size of the responses received from those sites and use it to guess various types of information. Normally this is not possible because of CORS, which prevents sites from downloading resources from other web pages, but the malicious code is able to bypass this protection.

Cybercriminals could obtain data on the sex and age of users by using the Audience Restriction function in Facebook's settings. According to Masas, by collecting responses through social networks, a hacker can consistently obtain valuable personal information.

Another Internet security specialist, Mike Gualtieri, believes that an attacker can take a more creative approach than collecting data from Facebook users, for example by targeting corporate backends, intranets and corporate web applications. Because the bug makes it possible to send requests, an attack on an API can also succeed.

Experts strongly recommend updating Chrome to v68.0.3440.75 or newer to close the vulnerability.
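For administrators who want to see whether clients older than that build still reach their servers, the following added example (not from the article or from Google) scans access-log lines for Chrome User-Agent tokens below 68.0.3440.75. The combined log format, the function names and the sample lines are assumptions made for illustration.

```python
import re
from collections import Counter

# Fixed build named in the article; older Chrome builds are treated as exposed.
FIXED = (68, 0, 3440, 75)

# "Chrome/<major>.<minor>.<build>.<patch>" token inside a User-Agent header.
CHROME_RE = re.compile(r"\bChrome/(\d+)\.(\d+)\.(\d+)\.(\d+)")
# In the combined log format the last quoted field is the User-Agent.
UA_FIELD_RE = re.compile(r'"([^"]*)"\s*$')


def chrome_version(user_agent):
    """Return the Chrome version as a tuple of ints, or None if absent."""
    m = CHROME_RE.search(user_agent)
    return tuple(int(p) for p in m.groups()) if m else None


def is_outdated(user_agent):
    """True only for Chrome builds older than the fixed one."""
    v = chrome_version(user_agent)
    # Tuples compare numerically per component, so 3440.9 < 3440.75 holds;
    # comparing the raw version strings would get that case wrong.
    return v is not None and v < FIXED


def audit(log_lines):
    """Count outdated Chrome versions seen in combined-format log lines."""
    seen = Counter()
    for line in log_lines:
        m = UA_FIELD_RE.search(line)
        if m and is_outdated(m.group(1)):
            seen[".".join(map(str, chrome_version(m.group(1))))] += 1
    return seen


# Constructed sample data (documentation IP range, made-up requests).
UA_TEMPLATE = ("Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 "
               "(KHTML, like Gecko) {} Safari/537.36")
LINE_TEMPLATE = ('192.0.2.{} - - [01/Aug/2018:10:00:00 +0000] '
                 '"GET / HTTP/1.1" 200 512 "-" "{}"')
TOKENS = ["Chrome/67.0.3396.99", "Chrome/67.0.3396.99", "Chrome/68.0.3440.9",
          "Chrome/68.0.3440.75", "Chrome/68.0.3440.106", "Version/11.1.2"]
SAMPLE = [LINE_TEMPLATE.format(i, UA_TEMPLATE.format(t))
          for i, t in enumerate(TOKENS, 1)]

if __name__ == "__main__":
    for version, hits in audit(SAMPLE).most_common():
        print(f"outdated Chrome {version}: {hits} request(s)")
```

The User-Agent header is supplied by the client, so the result is an inventory hint to follow up on, not proof of the installed version.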

CSS-Based Attack to Restart iPhone

As the researcher noted, all applications that handle HTML are under threat
17 September 2018

Developer and cybersecurity specialist Sabri Haddouche found that 15 lines of CSS code running on iOS cause the kernel to crash and the device to reboot. On macOS, the browser may freeze after the user clicks the "overloaded" link. All versions of iOS are vulnerable, including the latest update, 11.4.1, as well as iOS 12, which is currently in beta testing.

Haddouche published PoC code on GitHub. It exploits a vulnerability in the WebKit web rendering engine. Placing a large number of tags (for example, div) styled with the CSS backdrop-filter property causes all of the device's resources to be used to render the page. This causes a crash in the kernel, and the system reboots to prevent corruption.

The developer notified Apple of the vulnerability, and the company began an internal investigation.

As Haddouche noted in a conversation with TechCrunch, all applications that handle HTML are under threat. A failure can be triggered through an e-mail message or a link to an "overloaded" web page. The attack does not allow malicious code to be executed and does not give an attacker access to data on the device; however, according to experts, it will be difficult to find a way to prevent it.

CSS is a tool for styling web content written primarily in HTML. However, specialists discover from time to time that it can be used, for example, to collect confidential user data such as passwords or to track actions on the web.