Google Releases Exploit Code for Unpatched Chromium Flaws

Browser Vulnerabilities Are Becoming More Dangerous; Impacting Users

Google released exploit code for an unfixed vulnerability in its Chromium browser codebase that threatened millions of people using Chrome, Microsoft Edge and virtually all other Chromium-based browsers.

The vulnerability lets attackers misuse a browser feature called the Browser Fetch API, which is normally used to download large files like videos in the background. Any malicious website can abuse this feature to keep a hidden connection active inside the user’s browser.

In the future, attackers may discreetly monitor some browser activity and subsequently use the victim’s browser as a proxy to access websites and launch Denial-of-Service (DoS) attacks through the victim’s internet connection.

Chromium Browser Vulnerability Details

The exploit targets a vulnerability in Chromium-based browsers like Google Chrome and Microsoft Edge.

Attackers can abuse a browser background download feature to create hidden persistent network connections. The exploit does not need prior malware installation or any suspicious executable files. Once triggered, the browser may continue maintaining attacker-controlled connections in the background.

The vulnerability, originally reported in late 2022 by independent security researcher Lyra Rebane, remains unfixed after more than 42 months.

It has been assigned a Priority 1 (P1) rating, indicating high urgency, and Severity 2 (S2), marking it as a serious security issue within Chromium’s vulnerability classification framework.

The flaw resides in the Browser Fetch API, a feature designed to allow large downloads, such as videos or files, to continue in the background via Service Workers.

The impact is huge and affects major browsers built on Chromium, including Google Chrome, Microsoft Edge, Brave, Opera, Vivaldi, and Arc.

Researcher's opinion regarding the risk associated with the vulnerability

“The dangerous part here is that you can just have a lot of different browsers together that you can in the future run something on that you figure out,” said Lyra Rebane, the independent researcher who discovered the vulnerability and privately reported it to Google in late 2022, in an interview.

Users of Chromium browsers should be suspicious of download dropdowns that appear for no reason.

The researcher drilled into the cause and discovered that the result of the vulnerability being exploited is more complicated. Other browsers Rebane confirmed as vulnerable include Brave, Opera, Vivaldi, and Arc. Both Firefox and Safari are unaffected because they don’t support the browser-fetching feature.

In the private bug disclosure thread, a developer said that logs indicate that use of the background fetch feature is extremely limited on Chrome, with on average “~17 completed files per user per day.”

Mozilla Firefox and Safari are not vulnerable because they do not implement the Browser Fetch API in the same way as Chromium-based browsers.

Browser Vulnerabilities Are Becoming More Dangerous

Browser flaws were once often limited to webpage crashes or minor security issues. They can now have an impact at wide scale, from enterprise systems and cloud services to corporate data. Any browser compromise may potentially give attackers deep access into enterprise environments.

This is why browser security is now treated similarly to operating system security in modern cybersecurity strategies.

Users are asked to take full security measures

  • Avoid suspicious or unfamiliar websites
  • Monitor unexplained browser download prompts
  • Keep browsers fully updated
  • Watch for emergency Chromium security patches
  • Consider temporary use of non-Chromium browsers for sensitive activities

BISO Analytics from Intrucept is for organizations that need to secure company data

BISO Analytics stands out as the pioneering security analytics platform designed to assist enterprises in effectively handling their first-party, third-party and emerging risks, all within a single platform.

This comprehensive solution facilitates a quicker and safer progression for your business.

By adopting a groundbreaking approach, BISO Analytics integrates open, data-centric cyber risk management practices, offering organizations a consolidated view of their cyber risk landscape across the entire attack surface. 
