Home

About Us

IT Services

Understanding IT

News

Blog

Contact Us

Support

Is This Bug in Your System? Chances Are, It Was!

Is This Bug in Your System? Chances Are, It Was!

Cybersecurity is challenging enough… you don’t need issues coming from one of your key applications. However, since a bug was found in some of the most popular Internet browsers today—potentially risking billions of people’s data security—you could very well see these kinds of issues. Let’s go over this vulnerability, and what you can do to address it.

Examining the Recent Chromium Bug

Google’s open-source platform, Chromium, has been used as the foundation for many current Internet browsers. That’s why browsers like Opera, Edge, and of course Google Chrome all share a lot of the same code in their makeup. That’s also why the presence of an exploitable vulnerability within Chromium’s code is a very bad thing.

The vulnerability in question could allow hackers to bypass any website’s Content Security Policy, thereby enabling them to run malicious code and/or steal data.

The Content Security Policy (CSP)

The CSP is an Internet standard meant to eliminate the threat of some cyberattacks and is currently used on most websites. Basically, this standard enabled website admins to identify the domains that a browser like Chrome or Opera will recognize as legitimate and block any scripts that haven’t been preloaded into the policy’s parameters.

How Hackers Can Use It

To make use of the CSP vulnerability, a hacker needs access to a web server. While they could accomplish this through assorted means, a brute-force attack is the most common method of gaining this access. Basically, by trying vast numbers of login credentials in rapid succession, the hacker can overcome a website’s protections. Once they’re in, the hacker can make amendments so that the CSP is bypassed and the code they’re implementing will work. While this vulnerability does require a successful hack to take place, it can still be very effective thanks to many websites sporting questionable security standards.

How to Secure Your Browser Against This CSP Vulnerability

Unfortunately, what we have here is a prime example of how even the most trusted software isn’t infallible, and how long security vulnerabilities can fly under the radar. Despite 5 billion downloads as of 2019, it still took over a year to catch this issue.

Fortunately, the issue has since been amended, so users of…

  • Chrome
  • Edge
  • Opera
  • Vivaldi

… and any other Chromium-based browser will want to update them to the latest versions to ensure that the vulnerability is successfully patched.

Maintaining your software, especially your browser and other Internet-facing applications, is a requirement if you want to stay safe online. For help in ensuring that your business has this taken care of, you can rely on CASS Tech. Give our IT professionals a call at (248) 538-7374.

Good Leaders Have Better Businesses
Have a Backup that is Ready for Action
 

Comments

No comments made yet. Be the first to submit a comment
Already Registered? Login Here
Guest
Saturday, September 26, 2020

Captcha Image

By accepting you will be accessing a service provided by a third-party external to https://www.cass-tech.com/

Latest Blog

Android has been around in one of its many forms for over a decade, and looking back, the changes that have been made over time is remarkable. Let’s go through each version to review some of the adjustments and improvements that each new ve...

Contact Us

Learn more about what CASS Tech
can do for your business.

(248) 538-7374

CASS Tech
37000 Grand River Avenue Suite 130
Farmington Hills, Michigan 48335

Account Login