A new security vulnerability in Google’s Chrome browser could make it harder for a Russian hacker to gain access to computers.
A recent security update to the Chrome browser made it possible for attackers to use a specially crafted HTTP request to open a user’s browser’s login page.
The bug affects a small subset of Chrome users and can be exploited with the following command:chrome://login.google.com/login The vulnerability could be exploited by an attacker to get a list of all logged-in users, or even to steal passwords from a system.
The vulnerability was first spotted by security researchers in April and the Google engineers immediately fixed it, adding a patch for the vulnerability that was pushed to all affected users last week.
Google has also issued an advisory that states that “The bug in question does not impact Chrome versions earlier than 56.0.2844.74, as we are aware.
However, users of the older versions of Chrome (and the Google Chrome browser) should be careful about this vulnerability because they are not yet vulnerable to it.
That would be the same way a hacker would be capable of accessing a victim in the browser itself.
An attacker would have to have access to an account, but the attacker would also need to have the ability to compromise the victim browser.
That means the attacker can be a network administrator, a malicious user, or anyone else who has access to the victim account.
Google said the vulnerability would only be exploited in the wild if a specially-crafted request is made, and it only affects users who are logged into their browser via their Google account.
While the vulnerability could only be fixed in Chrome 56.x, the browser is still vulnerable to a previous version of the browser, version 55.x.