• Menu
  • Skip to main content
  • Skip to primary sidebar

The Cyber Security News

Latest Cyber Security News

Header Right

  • Latest News
  • Vulnerabilities
  • Cloud Services
Cyber Security News

Google Chrome Vulnerability Lets Sites Quietly Overwrite Clipboard Contents

You are here: Home / General Cyber Security News / Google Chrome Vulnerability Lets Sites Quietly Overwrite Clipboard Contents
September 2, 2022

A vulnerability in Chromium-centered browsers allows web-webpages to switch the content material of the system clipboard with no the user’s consent or conversation.

The bug was identified by developer Jeff Johnson, who in depth his results in a blog article on August 28.

The security expert also reported the issue has an effect on Apple Safari and Mozilla Firefox as perfectly, but in Chromium-based browsers, the prerequisite for a person gesture to duplicate information to the clipboard was at this time damaged.

✔ Approved Seller From Our Partners
Mullvad VPN Discount

Protect your privacy by Mullvad VPN. Mullvad VPN is one of the famous brands in the security and privacy world. With Mullvad VPN you will not even be asked for your email address. No log policy, no data from you will be saved. Get your license key now from the official distributor of Mullvad with discount: SerialCart® (Limited Offer).

➤ Get Mullvad VPN with 12% Discount


“Chrome is presently the worst offender due to the fact the consumer gesture need for writing to the clipboard was unintentionally damaged in edition 104,” Johnson remarked.

For context, person gestures refer to the capacity of a consumer to pick out a piece of text and press Control+C (or ⌘-C for macOS), for occasion, or decide on ‘Copy’ from the context menu.

Even further, Johnson found that a wider set of consumer gestures ended up also influenced by the bug.

“The gestures are not strictly minimal in this way. In my screening, [a number of] DOM gatherings give a web web site authorization to use the clipboard API to overwrite your procedure clipboard.”

These incorporate clicking and pressing the key-down and important-up buttons, among others.

“For that reason, a gesture as innocent as clicking on a hyperlink or pressing the arrow essential to scroll down the web page gives the site permission to overwrite your procedure clipboard,” Johnson warned.

In conditions of how the bug could be exploited to an attacker’s benefit, Johnson stated the answer was clear.

“Though you’re navigating a web web page, [it] can devoid of your awareness erase the current contents of your process clipboard, which may have been important to you, and exchange them with something the web page would like, which could be risky to you the next time you paste.”

According to Johnson, Google is currently mindful of the vulnerability, but at the time of writing, the tech giant has not unveiled a deal with for it nonetheless.

The bug is rarely the very first impacting browsers in latest periods and will come times following Apple mounted a critical vulnerability in the Safari browser of numerous cell gadgets.


Some sections of this article are sourced from:
www.infosecurity-magazine.com

Previous Post: «prynt stealer contains a backdoor to steal victims' data stolen Prynt Stealer Contains a Backdoor to Steal Victims’ Data Stolen by Other Cybercriminals
Next Post: US Police Deployed Obscure Smartphone Tracking Tool With No Warrants Cyber Security News»

Reader Interactions

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Primary Sidebar

Report This Article

Recent Posts

  • New 5G Modems Flaws Affect iOS Devices and Android Models from Major Brands
  • N. Korean Kimsuky Targeting South Korean Research Institutes with Backdoor Attacks
  • Ransomware-as-a-Service: The Growing Threat You Can’t Ignore
  • Mac Users Beware: New Trojan-Proxy Malware Spreading via Pirated Software
  • WordPress Releases Update 6.4.2 to Address Critical Remote Attack Vulnerability
  • Founder of Bitzlato Cryptocurrency Exchange Pleads Guilty in Money-Laundering Scheme
  • Microsoft Warns of COLDRIVER’s Evolving Evading and Credential-Stealing Tactics
  • New Bluetooth Flaw Let Hackers Take Over Android, Linux, macOS, and iOS Devices
  • Hacking the Human Mind: Exploiting Vulnerabilities in the ‘First Line of Cyber Defense’
  • Building a Robust Threat Intelligence with Wazuh

Copyright © TheCyberSecurity.News, All Rights Reserved.