Firefox And Chrome Bug Leaked Facebook Profile Details For Almost A Year: Now Fixed
A side-channel vulnerability existed in the implementation of the CSS3 feature called “mix-blend-mode.” It allowed an attacker to de-anonymize a Facebook user running Google Chrome or Mozilla Firefox by getting them to visit a specially crafted website.
The flaw, now fixed, was discovered last year by the researcher duo Dario Weißer and Ruslan Habalov, and separately by another researcher named Max May.
The visual data leak could happen on websites that embed Facebook content in iframes, such as social plugins and login buttons. Because of a security feature called the same-origin policy, websites can’t access the content of cross-origin iframes directly. The researchers extracted information anyway by creating an overlay on the cross-origin iframe that interacts with the underlying pixels.
The proof of concept (POC) takes around 20 seconds to reveal a username, around 5 minutes for a rough version of the profile picture, and around 500 milliseconds to check the like status of a given site. However, the target user must be logged into their Facebook account for the method to work.
The side-channel vulnerability was fixed in Google Chrome in December last year (version 63). For Firefox, the patch became available two weeks ago (version 60); the researchers ran into an error that delayed disclosure to Mozilla until November 2017.
The exploit didn’t affect IE and Edge, as those browsers don’t support the required feature. Safari wasn’t affected either, for reasons that remain unclear.
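The practical takeaway for anyone who operates a site embedding Facebook plugins is that the fix lives in the browser, not in the page: the only thing a site can do is notice visitors on browser builds that predate the fix and nudge them to update. The following is an added example (not code from the article or from the researchers) that classifies visitors by User-Agent string against the versions the article gives (Chrome 63, Firefox 60) and the browsers it reports as unaffected (IE, Edge, Safari). The User-Agent strings are constructed in the usual format of each browser; the one non-obvious detail is ordering, since Edge and Chrome both carry a `Chrome/` token and Chrome carries a `Safari/` token.

```python
import re
from dataclasses import dataclass
from typing import List, Optional, Tuple

# Minimum major versions that ship the mix-blend-mode fix, as stated in the article.
FIXED_VERSIONS = {"chrome": 63, "firefox": 60}

# Browsers the article reports as not affected (no support for the feature, or otherwise unaffected).
UNAFFECTED = {"ie", "edge", "safari"}


@dataclass
class Verdict:
    browser: str
    major: Optional[int]
    status: str  # one of: "patched", "vulnerable", "unaffected", "unknown"


def identify(ua: str) -> Tuple[str, Optional[int]]:
    """Return (browser family, major version) from a User-Agent string.

    Order matters: Edge UAs also contain "Chrome/" and "Safari/", and Chrome UAs
    contain "Safari/", so the more specific tokens are matched first.
    """
    patterns = [
        ("edge", r"Edge?/(\d+)"),                      # EdgeHTML "Edge/17", Chromium Edge "Edg/79"
        ("ie", r"(?:MSIE (\d+)|Trident/.*rv:(\d+))"),  # IE <= 10 and IE 11 respectively
        ("firefox", r"Firefox/(\d+)"),
        ("chrome", r"Chrome/(\d+)"),
        ("safari", r"Version/(\d+).*Safari/"),         # only reached if no "Chrome/" token
    ]
    for name, pattern in patterns:
        match = re.search(pattern, ua)
        if match:
            major = next((int(g) for g in match.groups() if g), None)
            return name, major
    return "unknown", None


def assess(ua: str) -> Verdict:
    """Decide whether the visitor's browser predates the mix-blend-mode fix."""
    browser, major = identify(ua)
    if browser in UNAFFECTED:
        return Verdict(browser, major, "unaffected")
    if browser in FIXED_VERSIONS and major is not None:
        status = "patched" if major >= FIXED_VERSIONS[browser] else "vulnerable"
        return Verdict(browser, major, status)
    return Verdict(browser, major, "unknown")


def needs_update(ua: str) -> bool:
    """True when the visitor should be told to update before using embedded plugins."""
    return assess(ua).status == "vulnerable"


# Constructed sample User-Agent strings in each browser's usual format (not captured traffic).
SAMPLE_UAS: List[str] = [
    "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/62.0.3202.94 Safari/537.36",
    "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36",
    "Mozilla/5.0 (X11; Linux x86_64; rv:59.0) Gecko/20100101 Firefox/59.0",
    "Mozilla/5.0 (X11; Linux x86_64; rv:60.0) Gecko/20100101 Firefox/60.0",
    "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/64.0.3282.140 Safari/537.36 Edge/17.17134",
    "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_4) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/11.1 Safari/605.1.15",
    "Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like Gecko",
]

if __name__ == "__main__":
    for ua in SAMPLE_UAS:
        v = assess(ua)
        print(f"{v.browser:8} {str(v.major):>4}  {v.status}")
```

A check like this is only a courtesy banner, not a mitigation: User-Agent strings are freely spoofable, and a site cannot stop the leak on an unpatched browser because the plugin iframe is exactly what the site wants to embed. The thing that closes the side channel is the browser update.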
While the flaw has been patched for good, the researchers warn that the advanced graphics capabilities being added to HTML and CSS could open the door to more attacks like this one.