Skip to main content

Chrome exploit a hole new attack vector

posted onJuly 1, 2011
by l33tdawg

A penetration tester has exploted a hole in Google Chrome that granted unauthorised access to gmail accounts.

WhiteHat Security researcher Matt Johansen identified the vulnerability in a Chrome OS note-taking application. He disclosed the hole to Google which patched it and gave him US$1000 as part of its Chromium security initiative.

Johansen told Reuters he intercepted data travelling between a Chrome browser extension and the Google cloud.

"I can get at your online banking or your Facebook profile or your email as it is being loaded in the browser," he said. Google has not yet revealed details of the security hole which Johansen plans to release at the Black Hat conference in Las Vegas this year.

Source

Tags

Google Chrome Security

You May Also Like

Recent News

Tuesday, November 19th

Friday, November 8th

Friday, November 1st

Tuesday, July 9th

Wednesday, July 3rd

Friday, June 28th

Thursday, June 27th

Thursday, June 13th

Wednesday, June 12th

Tuesday, June 11th