facebook linkedin twitter

Computerware Blog

Is This Bug in Your System? Chances Are, It Was!

Is This Bug in Your System? Chances Are, It Was!

Cybersecurity is challenging enough… you don’t need issues coming from one of your key applications. However, since a bug was found in some of the most popular Internet browsers today—potentially risking billions of people’s data security—you could very well see these kinds of issues. Let’s go over this vulnerability, and what you can do to address it.

Examining the Recent Chromium Bug

Google’s open-source platform, Chromium, has been used as the foundation for many current Internet browsers. That’s why browsers like Opera, Edge, and of course Google Chrome all share a lot of the same code in their makeup. That’s also why the presence of an exploitable vulnerability within Chromium’s code is a very bad thing.

The vulnerability in question could allow hackers to bypass any website’s Content Security Policy, thereby enabling them to run malicious code and/or steal data.

The Content Security Policy (CSP)

The CSP is an Internet standard meant to eliminate the threat of some cyberattacks and is currently used on most websites. Basically, this standard enabled website admins to identify the domains that a browser like Chrome or Opera will recognize as legitimate and block any scripts that haven’t been preloaded into the policy’s parameters.

How Hackers Can Use It

To make use of the CSP vulnerability, a hacker needs access to a web server. While they could accomplish this through assorted means, a brute-force attack is the most common method of gaining this access. Basically, by trying vast numbers of login credentials in rapid succession, the hacker can overcome a website’s protections. Once they’re in, the hacker can make amendments so that the CSP is bypassed and the code they’re implementing will work. While this vulnerability does require a successful hack to take place, it can still be very effective thanks to many websites sporting questionable security standards.

How to Secure Your Browser Against This CSP Vulnerability

Unfortunately, what we have here is a prime example of how even the most trusted software isn’t infallible, and how long security vulnerabilities can fly under the radar. Despite 5 billion downloads as of 2019, it still took over a year to catch this issue.

Fortunately, the issue has since been amended, so users of…

  • Chrome
  • Edge
  • Opera
  • Vivaldi

… and any other Chromium-based browser will want to update them to the latest versions to ensure that the vulnerability is successfully patched.

Maintaining your software, especially your browser and other Internet-facing applications, is a requirement if you want to stay safe online. For help in ensuring that your business has this taken care of, you can rely on Computerware. Give our IT professionals a call at (703) 821-8200.

Good Leaders Have Better Businesses
Have a Backup that is Ready for Action
 

Comments

No comments made yet. Be the first to submit a comment
Already Registered? Login Here
Guest
Sunday, September 20, 2020

Captcha Image

By accepting you will be accessing a service provided by a third-party external to https://www.cwit.com/

Mobile? Grab this Article!

QR-Code dieser Seite

Tag Cloud

Security Tip of the Week Technology Best Practices Business Computing Privacy Internet Software Cloud Data Business Management Hackers Hardware Microsoft Workplace Tips Network Security Backup Productivity Business Managed Service Provider Hosted Solutions Productivity Email Malware IT Services Efficiency Saving Money Google Innovation Computer Small Business User Tips Collaboration Quick Tips VoIP IT Support IT Support Data Backup Smartphones Network Mobile Devices Business Continuity communications Disaster Recovery Gadgets Data Recovery Microsoft Office Social Media Android Cybersecurity Smartphone Upgrade Mobile Office Server Communication Phishing Virtualization Miscellaneous Mobile Device Management Ransomware Mobile Device Vendor Management Passwords Holiday Operating System Users Windows Outsourced IT Windows 10 Apps Tech Term Managed IT Services Internet of Things Remote Monitoring Facebook Unified Threat Management BDR BYOD Automation Analytics Managed IT services Data Management Remote Computing Mobile Computing Apple WiFi Windows 10 Browser Artificial Intelligence Training History Marketing The Internet of Things Cloud Computing Save Money Business Technology Firewall Health Help Desk Alert Encryption Big data App Spam Bandwidth IT Consultant Office Office 365 Budget Two-factor Authentication Information Technology Covid-19 Managed Service Hard Drives Government Access Control Cybercrime VPN Managed IT Bring Your Own Device Windows 7 Antivirus Maintenance Content Filtering Printer Gmail Going Green Recovery Employer-Employee Relationship Computers Wi-Fi Saving Time Retail Wireless Technology Cost Management Information Blockchain Search Windows 8 Outlook Healthcare Networking Remote Work Tech Support Lithium-ion Battery Virus Best Practice Hiring/Firing Conferencing IBM Augmented Reality Phone System Data Security It Management Travel Education Hacking Data Loss Update iPhone Humor Project Management Customer Service Money Document Management Computing Voice over Internet Protocol Storage Website Proactive IT Customer Relationship Management Computer Repair Running Cable Law Enforcement PowerPoint Compliance Current Events Solid State Drive Password Data storage Intranet Value Twitter Flexibility Administration Patch Management Hacker Laptop Vendor Risk Management Avoiding Downtime Legal File Sharing Data Breach Hard Drive Save Time Regulations Applications Mobility Downtime Wireless SaaS Company Culture End of Support Hosted Solution Robot Software as a Service Meetings Securty Private Cloud Social Networking Monitoring Word Telephony Cortana Machine Learning Employee/Employer Relationship Management Telephone Systems Black Market Cooperation Cryptocurrency Vulnerabilities Fax Server Scam Business Growth Net Neutrality Chrome User Business Intelligence Google Maps Virtual Desktop Digital Payment Digital Social Paperless Office Router Sports Websites Social Engineering Disaster DDoS Excel Comparison Tablet Mobile Technology Computing Infrastructure Hack Trending How To Mouse Cost Managed Services Provider IT service Download Uninterrupted Power Supply Programming Statistics Gaming Console Vulnerability eWaste How To Bitcoin Network Congestion Data Protection Co-managed IT Webcam Managed Services Bluetooth Microchip Taxes User Error Text Messaging Smart Devices Managed IT Service Distributed Denial of Service Multi-factor Authentication Telephone Video Conferencing Downloads Streaming Media Google Docs Processors Public Cloud Licensing Memory Processor USB Lifestyle Experience Monitors Identity Theft Redundancy Presentation Cleaning Inbound Marketing Office Tips Notifications Specifications Safety Evernote Solutions Employees YouTube Virtual Reality Pain Points Professional Services Virtual Assistant Politics Documents Automobile Computer Accessories Unified Communications Settings Emails Distribution Entertainment Teamwork Heating/Cooling Chromebook Integration Start Menu Tech Terms Fileless Malware Hybrid Cloud Telephone System Managing IT Services Access Turn Key LinkedIn Upselling Mobile Security Holidays Emergency Hard Drive Disposal Messenger Tracking Printer Server Surveillance Computer Care PDF Software License Modem Trends Strategy Telework Microsoft Excel Permissions Language Rental Service Trojan Proxy Server Multi-Factor Security Azure Video Surveillance Cabling Organize Archive Fraud Term Saving ZTime Tactics Remote Workers Google Drive Windows Server 2008 Best Available Keyboard Web Server Skype Electronic Medical Records Devices Transportation IT Workers Directions Display Virtual Private Network Spyware Mobile Payment switches Writing Administrator UTM Recording Content Optimization Music Domains Books Development Electricity Printing Upgrades Harddrive IT Plan SSID Enterprise Resource Planning FinTech Public Speaking Supercomputer Point of Contact Dark Web Legislation Free Resource Debate Error Worker email scam Processing Addiction Data Storage LiFi Shortcut Health IT GPS Accountants A.I. Reading Samsung Webinar External Harddrive Wasting Time Procurement cache Television Entrepreneur Logistics Virtual Machines Troubleshooting WannaCry Environment Deep Learning G Suite Recycling Migration Connected Devices Cyber security Organization HIPAA Work/Life Balance Employer Employee Relationship Analytic Bookmark Wireless Headphones Corporate Profile Electronic Payment Google Play Thin CLient Network Management Telephone Service PCI DSS Time Management Freedom of Information Visible Light Communication Competition Hacks Physical Security Product Reviews 3D Equifax Employer/Employee Relationships Ebay Fleet Tracking Communitications Relocation Tablets Read Smart Phones Managing Costs Supply Chain Management Assessment SharePoint IT consulting Banking Botnet Device security Microsoft 365 MSP Business Owner Nanotechnology Social Network Internet Service Provider Google Calendar Sync Desktop Medical IT Finance Trend Micro AI Tip of the week IP Address Browsers VoIP CIO Human Resources Device Management Business Cards Security Cameras Leadership Service Level Agreement Threats Regulations Compliance Touchscreen News Advertising Application Flash CCTV Best Practives User Tip Adminstration Startup Proactive Maintenance Pirating Information Asset Tracking IT Assessment Google Wallet Reliable Computing Content Management Unified Threat Management Navigation Backup and Disaster Recovery Virtual Machine Remote Working Consultation Windows XP Business Metrics Computer Malfunction Business Managemenet Username Knowledge Staffing Data Analysis Screen Reader Customer Resource management Technology Tips Displays In Internet of Things Microserver Gamification eCommerce Supply Chains Society Electronic Health Records Audit Micrsooft online Currency Piracy GDPR Upload Managing Risk Financial Data Fake News Digital Signature Printers Smart Tech SQL Server Drones Scalability Fiber-Optic Tech Database Hypervisor Data Warehousing Motion Sickness Get More Done HTML Memes Managing Stress Productuvuty Regulation Personal Information 3D Printing Financial CrashOverride Capital

toner1