Google Chrome, one of the most widely used web browsers globally, has been hit by a severe security vulnerability that could compromise the data of over 2.5 billion users. The vulnerability, dubbed CVE-2022-3656, was discovered by cyber security firm Imperva Red during a review of the browser’s interaction with the file system. The vulnerability relates explicitly to how Google Chrome and Chromium-based browsers process symlinks, a type of file that links to another directory or file.
According to Imperva Red, the vulnerability could lead to the unauthorized theft of sensitive data such as cloud wallets and crypto-wallets credentials. The vulnerability exists because of how the browser interacts with symlinks in processing directories and files. Specifically, the browser failed to correctly determine whether the symlink was pointed to a directory that should not have access. This made it possible for attackers to gain access to sensitive files and steal sensitive data.
One example of how attackers could exploit this vulnerability is by creating a fake website offering a new cryptocurrency wallet service. The fake website could trick users into creating a wallet by asking them to download their recovery keys. However, these keys are a zip file containing a symlink to a sensitive file or directory on the user’s computer, such as cloud provider credentials. Once the user uploads the “recovery” keys to the site, the symlink is processed, and the attacker now has access to the document.
This vulnerability is a serious concern for all Google Chrome and Chromium-based browser users, and they must take steps to protect their data. Google has yet to release a patch to fix this vulnerability. Still, users can take some steps to protect themselves, such as being cautious of downloading files from unknown sources and not clicking on links from suspicious emails. Additionally, users should be aware of the symlink vulnerability and understand how it can be used to gain unauthorized access to sensitive data.
Overall, this security breach highlights the importance of staying vigilant regarding online security and the need for companies to continuously review and improve their security measures to protect users from cyber threats. The incident also reminds users to stay vigilant regarding online security and be aware of any suspicious activity on their browsers and computer.