![]() ![]() ![]() This means that malicious hosts would need to induce users to trigger a navigation somehow, such as by clicking a link. The strict-blocking warning page is only displayed when direct navigations are blocked. It requires that users become active, e.g. When the extension crashes, users are left without protection until it is reloaded. Default installations of the extensions use filter lists that include strict blocking filters.Īn attacker may exploit the vulnerability to get the extension to crash or cause memory exhaustion according to the researcher. Strict blocking prevents all connections to resources that match the filter. The vulnerability exploits code used by the extensions strict blocking feature. The Firefox extension, for which I wrote a guide in 2017, has more than 29,000 users at the time of writing.Ī security researcher discovered a vulnerability in all three extensions. Google's Chrome Web Store, on which it is still listed, reveals that it has more than 100,000 users, a figure that can be higher as Google does not echo total number of users to the public. The uMatrix browser extension is still in use. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |