Horne & Benik Networks Blog

Horne & Benik Networks has been serving the Marlborough area since 1991, providing IT Support such as technical helpdesk support, computer support, and consulting to small and medium-sized businesses.

Is This Bug in Your System? Chances Are, It Was!

Is This Bug in Your System? Chances Are, It Was!

Cybersecurity is challenging enough… you don’t need issues coming from one of your key applications. However, since a bug was found in some of the most popular Internet browsers today—potentially risking billions of people’s data security—you could very well see these kinds of issues. Let’s go over this vulnerability, and what you can do to address it.

Examining the Recent Chromium Bug

Google’s open-source platform, Chromium, has been used as the foundation for many current Internet browsers. That’s why browsers like Opera, Edge, and of course Google Chrome all share a lot of the same code in their makeup. That’s also why the presence of an exploitable vulnerability within Chromium’s code is a very bad thing.

The vulnerability in question could allow hackers to bypass any website’s Content Security Policy, thereby enabling them to run malicious code and/or steal data.

The Content Security Policy (CSP)

The CSP is an Internet standard meant to eliminate the threat of some cyberattacks and is currently used on most websites. Basically, this standard enabled website admins to identify the domains that a browser like Chrome or Opera will recognize as legitimate and block any scripts that haven’t been preloaded into the policy’s parameters.

How Hackers Can Use It

To make use of the CSP vulnerability, a hacker needs access to a web server. While they could accomplish this through assorted means, a brute-force attack is the most common method of gaining this access. Basically, by trying vast numbers of login credentials in rapid succession, the hacker can overcome a website’s protections. Once they’re in, the hacker can make amendments so that the CSP is bypassed and the code they’re implementing will work. While this vulnerability does require a successful hack to take place, it can still be very effective thanks to many websites sporting questionable security standards.

How to Secure Your Browser Against This CSP Vulnerability

Unfortunately, what we have here is a prime example of how even the most trusted software isn’t infallible, and how long security vulnerabilities can fly under the radar. Despite 5 billion downloads as of 2019, it still took over a year to catch this issue.

Fortunately, the issue has since been amended, so users of…

  • Chrome
  • Edge
  • Opera
  • Vivaldi

… and any other Chromium-based browser will want to update them to the latest versions to ensure that the vulnerability is successfully patched.

Maintaining your software, especially your browser and other Internet-facing applications, is a requirement if you want to stay safe online. For help in ensuring that your business has this taken care of, you can rely on Horne & Benik. Give our IT professionals a call at (603) 499-4400.

Good Leaders Have Better Businesses
Have a Backup that is Ready for Action
 

Comments

No comments made yet. Be the first to submit a comment
Guest
Already Registered? Login Here
Guest
Monday, 23 December 2024

Captcha Image

Mobile? Grab this Article

QR Code

Customer Login


News & Updates

Horne & Benik is proud to announce the launch of our new website at www.horne-benik.com. The goal of the new website is to make it easier for our existing clients to submit and manage support requests, and provide more information about our services for ...

Contact us

Learn more about what Horne & Benik can do for your business.

Horne & Benik
2 School Street - PO Box 305
Marlborough, New Hampshire 03455