Lumension® Endpoint Intelligence Center

Intelligence Center » News Archive » Chrome extensions can be disabled without user interaction

Chrome extensions can be disabled without user interaction

2015/08/03

Softpedia - (International) Security experts from Detectify Labs discovered that an attacker could disable a list of Google Chrome security extensions upon visiting a site using the "ping" attribute inside a regular link, effectively removing safeguards without the user's knowledge. Google Chrome was notified of the vulnerability and released a patch addressing the issue.

Source: http://news.softpedia.com/news/chrome-extensions-can-be-disabled-without-user-interaction-488340.shtml

Note: This news synopsis is taken from the DHS Daily Open Source Infrastructure Report, a daily [Monday through Friday, except US Federal holidays] summary of open-source published information concerning significant critical infrastructure issues; a 10-day archive of the DOSIR can be found at: http://www.dhs.gov/dhs-daily-open-source-infrastructure-report.


Last Updated: 27 May 2016 10:24:53