|Title:||Google Chrome Extensions Securit Updates (MAC OS X)|
|Summary:||The host is installed with Google Chrome; extensions and is prone to multiple vulnerabilities.|
The host is installed with Google Chrome
extensions and is prone to multiple vulnerabilities.
Multiple flaws exists due to,
- If an extension asks for permission to read, write, and change data on all
websites, there is no option available using which users can explicitly
blacklist or white list a specific set of websites.
- Code Obfuscation for Chrome Extensions.
- Missing 2-Step Verification on Chrome Web Store accounts.
- Absence of more in-depth review of extensions that ask for 'powerful permissions'.
Successful exploitation will allow attackers
to automatically read and change data on websites using extensions, inject
malicious code, conduct phishing attack and bypass security restrictions.
Google Chrome version prior to 70.0.3538.35
Upgrade to Google Chrome version 70.0.3538.35
or later. For updates refer to Reference links.
|Copyright||Copyright (C) 2018 Greenbone Networks GmbH|
|This is only one of 71225 vulnerability tests in our test suite. Find out more about running a complete security audit.|
To run a free test of this vulnerability against your system, register below.