date 2017-02-25
Severe IE 11 Bug Allows 'Persistent JavaScript' Attacks (bleepingcomputer.com)
An anonymous reader writes: New research published today shows how a malicious website owner could show a constant stream of popups, even after the user has left his site, or even worse, execute any kind of persistent JavaScript code while the user is on other domains. In an interview, the researcher who found these flaws explains that this flaw is an attacker's dream, as it could be used for: ad fraud (by continuing to load ads even when the user is navigating other sites), zero-day attacks (by downloading exploit code even after the user has left the page), tech support scams (by showing errors and popups on legitimate and reputable sites), and malvertising (by redirecting users later on, from other sites, even if they leave the malicious site too quickly).
This severe flaw in the browser security model affects only Internet Explorer 11, which unfortunately is the second most used browser version, after Chrome 55, with a market share of over 10%. Even worse for IE11 users, there's no fix available for this issue because the researcher has decided to stop reporting bugs to Microsoft after they've ignored many of his previous reports. For IE11 users, a demo page is available here.
Dump Microsoft (Score:1)
You know it makes sense.
Mind you Google isn't that much better
Dump google
you know it makes sense.
Re: (Score:1)
I wouldn't touch Google Chrome on Linux (Score:2)
Chrome requires its sandbox process to run as root. Well not on my systems it isn't. Won't run? Tough, I'll just use one of the many alternatives then.
Apparently Google thinks its code is 100% exploit and bug free and doesn't see an issue with having a user application requiring superuser privileges. Utter morons. And anyone who says to me "but it's not the browser, it's the sandbox" obviously knows the square root of fuck all about security so don't even bother me with your ignorant opinions.
Re: (Score:2)
Chrome requires its sandbox process to run as root.
Chrome runs under the user id it was started from. No idea what you want to claim.
Stop reporting bugs? (Score:2)
there's no fix available for this issue because the researcher has decided to stop reporting bugs to Microsoft after they've ignored many of his previous reports.
I don't see the author saying this anywhere in Caballero's article. Maybe the reporter at the news site (and the submitter) should have read the article first.
For what it is worth, Caballero is a respected browser security researcher. I don't think he would do something like this.
Re: (Score:2)
So I re-read the article, and here is the part the journalist was referring to-
In my opinion, some people at Microsoft do not care and they just do what they want, so phrases like "responsible disclosure" will ring in my mind when the "responsible patching" ring in their minds. To be clear: I will keep sharing my findings for as long as MSRC keeps acting like an unreachable rock star.
Okay maybe the journalist meant that the researcher won't wait 60/120 days disclosure, which is still a far cry from not reporting bugs at all.
Test result (Score:2)
1. Regular alert: Alert came up, second time. check marked it. Disappeared for ever.
2, 3, 4: htmlFile alert, all at once, in a zombie script: No effect, no popup, nothing.
Browser being tested: IE 11
no carrier
Fairly sure this can be done other ways... (Score:2)
Fairly sure this can be done other ways... Allakhazam (which has game info for many popular MMOs) auto-loads advertisements every few minutes, regardless of the user's browser state.
My wife frequently walks away for 20+ minutes, only to have her computer randomly start playing an advertisement.. I suppose it isn't a "pop up", but clearly "auto refreshing for advertisement fraud" is possible and in use... And Allakhazam's method works on Firefox and Chrome from our experiences
Re: (Score:2)
Fairly sure this can be done other ways... Allakhazam (which has game info for many popular MMOs) auto-loads advertisements every few minutes, regardless of the user's browser state.
My wife frequently walks away for 20+ minutes, only to have her computer randomly start playing an advertisement.. I suppose it isn't a "pop up", but clearly "auto refreshing for advertisement fraud" is possible and in use... And Allakhazam's method works on Firefox and Chrome from our experiences
To clarify, Browser state being "on and at their website", but otherwise irrespective (minimized, not in focus, not interacted with for many minutes, etc.)
Just IE (Score:2)
Re: (Score:2)
Will it die after killing the browser? (Score:2)
I see the problem (Score:1)
"new ActiveXObject('Microsoft.Ancient.Bad.Idea')" I think I've seen this exploit before. SMH. It's time to kill ActiveX in the browser already.