Exploiting Chrome and Opera’s inbuilt ATOM/RSS reader with Script Execution and more

Leigh

The Google Chrome and Opera browsers present an interesting case study of another example of how to exploit vulnerabilities, in both instances through the respective browser’s embedded Rich Site Summary (RSS) reader.

These vulnerabilities are exploited by a user who clicks a RSS feed link from an email or in a browser.  Pay attention now: this provides another great opportunity for us to remind you to never click an untrusted link!

The first example of this vulnerability works a user selects the RSS feed link.  Once the RSS feed executes, JavaScript code is executed to give the evil actor control of the user’s browser.

The second example is similar, but works through a trusted site.  The evil actor can integrate malicious code into the interface of the trusted site or through the use of a file download.  Again, when the user attempts to view the RSS feed, the malicious code takes control of the browser.

Rest assured though, both Google and Opera recognized and corrected this vulnerability.  To be sure you are safe, validate your Google Chrome is version 3.0.195.21 or higher and your Opera version is at least version 10.

Although this security risk was corrected by both platforms, it is another reminder to maintain vigilance when using the Internet.  As stated above, never click untrusted links and do not visit untrusted sites.  There is always a bit of malicious code waiting for that next mouse click.

Leave a Comment