GOOGLE CHROME CLICKJACKING VULNERABILITY

Updated: 02/03/2009 10:40
Reprints/Permissions  Hyip Monitor
A researcher published the Google Chrome clickjacking vulnerability PoC last week. Clickjacking occurs when an attacker places an invisible button...

A researcher published the Google Chrome clickjacking vulnerability PoC last week. Clickjacking occurs when an attacker places an invisible button just above the viewable content of the web page. The attacker then waits for the user to mistakenly click the button. Once the user has clicked the infected button, they unknowingly can be forced into actions not otherwise intended.

Aditya Sood, the researcher, said that Microsoft attempted to fix the clickjacking issue in IE8 and this drove him to examine whether the problem exists elsewhere. Google as well announced that it was working on a permanent fix.

To avoid the possibility of clickjacking, users should remember to log out of all websites when they finish and to delete periodically their cookie files to ensure proper logout.

To reduce the potential dangers to clickjacking, users can apply to version 10 of Adobe Flash and if browsing with Firefox, install the NoScript plugin, as said Jeremiah Grossman, founder and CTO of web security firm WhiteHat Security. Soon after, Adobe fixed defect, which could have given an attacker access to a victim's webcam and microphone.

EcommerceJournal


About the author

Nicole Berger has over seven years experience writing and editing for online and print media. She has held various editor and associate editor positions in some of forefront independent media publications. A consistently dependable team player, I thrive in a high-pressure environment, enjoy the challenges of meeting deadlines and managing a team, and am comfortable researching, writing and editing on a wide range of topics.
You May Also Like