Because of this problem, the attacker could endanger any user who browsed a malicious site using Internet Explorer and had Google Chrome installed.
As per IBM Rational Application Security Insider, this allowed a dangerous combination of new security vulnerabilities letting a malicious attacker to bypass the Same Origin Policy restrictions for any site using the victim’s Google Chrome.
The dangerous impact:
- Cross-Site Scripting attack where the attacker could steal cookies, save form filler data, modify user-browsing experience and facilitate phishing attacks.
- Leaking of information: from the victim’s files and directories on the local file-system.
But, the good news is that a FIX has been released: Version 1.0.154.59 of Chrome and hopefully, all the security issues revolving around Google Chrome are under control now.
Link: Fix for Chrome
(Source: GoogleChromeReleases | IBM watchfire)
One Comment
I spent a lot of research on this and the winner is http://www.freedur.com. It beats lame proxify.net site – I can open any site through freedur.
I watch Youtube videos at work ! They have a portable version – I put it on my USB stick. Nothing to install – just run it and it jsut works.
Super easy proxy solution for me.