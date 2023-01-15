



Google Chrome is a popular web browser used by billions of people around the world. In a harrowing episode of a security breach, his cybersecurity firm Imperva Red detected a flaw in Google Chrome and his Chromium-based browser, putting the data of over 2.5 billion users at risk. The vulnerability, dubbed CVE-2022-3656, could allow sensitive files such as crypto wallets and cloud provider credentials to be stolen, the company said.

This vulnerability was discovered after researching the way browsers interact with the file system, specifically looking for common vulnerabilities related to the way browsers handle symbolic links,” the blog said. It is written.

What are symbolic links?

Imperva Red defines a symbolic link or symbolic link as a type of file that points to another file or directory. This allows the operating system to treat the linked file or directory as if it were at the location of the symbolic link. Symbolic links are useful for creating shortcuts, redirecting file paths, and organizing files in a more flexible way.

However, such links can also be used to introduce vulnerabilities if not properly handled.

In the case of Google Chrome, the problem arose from the way the browser interacts with symbolic links when dealing with files and directories. Specifically, the blog post states that sensitive files could be stolen because browsers did not properly check if symbolic links pointed to inaccessible locations.

How did symlinks affect Google Chrome?

Explaining how the vulnerability affected Google Chrome, the company said attackers could create fake websites offering new crypto wallet services. The website can then trick the user into creating a new wallet by asking them to download a recovery key.

These keys are actually zip files containing symbolic links to sensitive files or folders on the user’s computer, such as cloud provider credentials. Once the user unzips the recovery key and uploads it to his website, the symlink will be processed and the attacker will be able to access sensitive files,” the blog states.

What should Chrome users do?

Imperva Red notified Google of the vulnerability and said the issue was fully resolved in Chrome 108. To protect against such vulnerabilities, users are advised to always keep their software up to date.

