Google Chrome is a web browser used by billions of people around the world. Imperva Red, a cyber security company, found a security flaw in Google Chrome and Chromium-based browsers. This puts the data of more than 2.5 billion users at risk.
This flaw, which the company identifies as CVE-2022-3656, made it possible for sensitive files such as crypto wallets and cloud provider credentials to be stolen.
“The vulnerability was found through a review of how the browser interacts with the file system. Specifically, the review looked for common flaws in the way browsers handle symbolic links,” the blog says.
What is a symbolic link?
Imperva Red describes a symbolic link, or symlink, as a type of file that points to another file or directory. It tells the operating system to treat the linked file or directory as if it were located where the symbolic link is. The company says that a symbolic link can be used to make shortcuts, change the path to a file, or organize files in a more flexible way.
But if these links are not handled properly, they can also be used to open security holes.
In the case of Google Chrome, the problem was caused by how the browser handled symbolic links when working with files and directories. In particular, the browser did not check if the symbolic link was pointing to a place that was not intended to be accessible. This made it possible for sensitive files to be stolen, as explained in the blog post.
How did symbolic links affect Google Chrome?
To illustrate how the vulnerability affected Google Chrome, the company says that an attacker could create a fake website offering a new crypto wallet service. The website could then trick the user into creating a new wallet by asking them to download their “recovery” keys.
These keys would actually be a zip file containing a symbolic link to a private file or folder on the user’s computer, such as a cloud provider password. “When the user unzips and sends the ‘recovery’ keys to the website, the symbolic link is processed and the attacker has access to the confidential file,” the researchers write.
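The check that was missing, that a symbolic link does not point somewhere outside the place it is supposed to stay in, can be run by hand on an extracted folder before any of its files are handed to a website. The following is an added example, not code from Imperva Red or Chrome; the function names and the sample files (built in a temporary directory) are constructed for illustration.

```python
import os
import tempfile
from pathlib import Path


def find_escaping_symlinks(root):
    """Return (link, resolved_target) pairs for symlinks under root
    whose real target lies outside root."""
    root = Path(root).resolve()
    findings = []
    # followlinks=False: report directory symlinks but never walk into them
    for dirpath, dirnames, filenames in os.walk(root, followlinks=False):
        for name in dirnames + filenames:
            entry = Path(dirpath) / name
            if not entry.is_symlink():
                continue
            target = Path(os.path.realpath(entry))
            if target != root and root not in target.parents:
                findings.append((str(entry.relative_to(root)), str(target)))
    return sorted(findings)


def demo():
    """Scan a constructed sample tree: one regular file, one symlink that
    stays inside the folder, one that resolves outside it."""
    with tempfile.TemporaryDirectory() as base:
        base = Path(base).resolve()
        outside = base / "home" / "credentials.txt"  # constructed stand-in for a private file
        outside.parent.mkdir()
        outside.write_text("constructed placeholder\n")
        extracted = base / "extracted"  # stands in for the unzipped folder
        extracted.mkdir()
        (extracted / "readme.txt").write_text("regular file\n")
        os.symlink("readme.txt", extracted / "alias.txt")  # resolves inside the folder
        os.symlink(outside, extracted / "recovery.key")    # resolves outside the folder
        found = find_escaping_symlinks(extracted)
        return [(link, Path(target).name) for link, target in found]


if __name__ == "__main__":
    for link, target in demo():
        print(f"{link} is a symlink resolving outside the folder -> {target}")
```

Only the link that leaves the folder is reported; the regular file and the link that stays inside it are not.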
What should Chrome users do?
Imperva Red says that it informed Google about the security hole and that the problem was fixed in Chrome 108. Users should always keep their software up to date to protect themselves from these types of weaknesses.