Monday, July 4, 2011

Hole in Google Chrome that granted unauthorised access to gmail accounts

Web extensions to become a new attack vector

A penetration tester has exploted a hole in Google Chrome that granted unauthorised access to gmail accounts.

WhiteHat Security researcher Matt Johansen identified the vulnerability in a Chrome OS note-taking application. He disclosed the hole to Google which patched it and gave him US$1000 as part of its Chromium security initiative.

Johansen told Reuters he intercepted data travelling between a Chrome browser extension and the Google cloud. Google has not yet revealed details of the security hole which Johansen plans to release at the Black Hat conference in Las Vegas this year.

Google extensions, written by third party software developers, were a ripe target for attack because they were granted more privileged access rights to Google cloud data than what the browser offered to web sites.

WhiteHat security detailed in a 2007 research paper a series of web application security vulnerabilities that could also be used to attack web browser extensions in Chrome and Mozilla FireFox.

Chrome OS director Caesar Sengupta said there are "significant benefits to security" by storing apps within the browser.

No comments: