the Google Chrome It is currently the most used browser in the world. Thus, it is expected that its security will be continually tested, looking to patch potential breaches and the like.
However, a security vulnerability was recently discovered, which allowed the data of 2.5 million users of the service to be compromised. But you don’t need to worry as the problem has already been fixed by the company. However, it is important to be aware of these things, because through a small error we can have Dice Personal data viewed by third parties.
The person who discovered the latest bug in Chrome, or at least who reported this bug to the public, was security firm Imperva. The issue in question was called “SymStealer”, and it was related to the way the browser handles symbolic links. These links have already been received browser The pages they directed are not verified to be accessible.
By not going through such verification, a possibility was opened for hackers Access to parts of the operating system that are normally blocked. This happened because when a set of files were received on a website or form, if there was a symlink, it was followed without the aforementioned validation.
This way, if someone had malicious intent, the user could have been taken to a fake website and downloaded any file, and when loaded with an existing symbolic link, the attacker would be able to access areas where they normally wouldn’t. Able to display or even change.
It is important to note that this error did not appear only in Google Chrome, as the error was in the Chromium system, which is used as the basis for the browser, but later it was transferred to Microsoft Edge and other browsers. Despite all this, the error has already been resolved and is no longer present in the browser.
