New vulnerability was found in Google Chrome

IMPERVA RED, which is engaged in cybersecurity, found a serious vulnerability to Google Chrome and other Chromium browsers. The vulnerability is called the CVE-2022-3656. Due to safety violations, personal information can be stolen, for example, passwords or even bitcoin-wallets.

According to IMPERVA RED, vulnerability was detected as a result of studying the interaction of a browser with a computer file system. In particular, during the search for vulnerabilities associated with the processing of symbolic links (Simlink).

IMPERVA RED researchers described a possible attack scenario. The attacker can create a fake site of a cryptocurrency wallet, which in the process will replace the restoration keys to the aforementioned Simlinka. Thus, attackers can quietly abduct the personal data of users.

However, Chrome users can easily protect themselves now. It is enough to update the browser to version 108, where the vulnerability is completely eliminated. The current version of the browser at the time of writing this news is 109. Probably, most users are already reliably protected from this vulnerability.

In order to minimize the risks from such attacks, you need to use only official assemblies of browsers, where auto -renewal works correctly. But if, for example, a portable or irrelevant version of the browser is used – risks increase many times.

/Media reports cited above.