AVG Chrome Extension Leaks User Data

So if you are one of the millions of users using the AVG software on your computer and you happen to use Google Chrome for your browsing sessions then you may want to roll out a different virus scanner as it appears the AVG virus team decided to bypass chrome security and directly read your user data for no apparent reason other then to spy on you.

The flaw was uncovered because of the search engine’s Tavis Ormandy, exactly who works on Google’s safety measures team. He explained which the software force installs a plugin from the Chrome browser without seeking the user’s permission.

The particular vulnerability, demonstrated in an exploit with a Google researcher earlier this year, has now been patched after initial stumbling attempts by means of AVG, according to a discussion on the bug in Google’s safety measures research discussion list.
In doing this, the software could reveal the user’s personal particulars and internet history to criminals trawling the net for such details. The code may also let hackers spy on victims’ emails along with other online activities, he said.

Find A Reliable Virus Scanner

“This extension adds several JavaScript API’s to stainless-, apparently so that they could hijack search settings and the new tab page, ” Ormandy wrote from the bug report.
“The installation process is quite complicated to be able to bypass the chrome adware and spyware checks, which specifically tries to stop abuse of the file format API.
He added: “Anyway, a lot of the API’s are broken, the particular attached exploit steals cookies from avg. com. It also exposes browsing history along with other personal data to the internet, I wouldn’t be stunned if it’s possible to show this into arbitrary value execution. ”
After discovering the condition, Ormandy wrote a correspondence to AVG, highlighting the issue in addition to advising the company to system immediately.
“My concern is your security software is disabling internet security for nine mil Chrome users, apparently to help you hijack search settings and the new tab page, ” he wrote.
“There are multiple obvious attacks possible, one example is, here is a trivial universal xss from the ‘navigate’ API that makes it possible for any website to execute script from the context of any various other domain. For example, adversary. com can read e mail from mail.google.com, or perhaps corp.avg.com, or other things that are. I hope the severity with this issue is clear to your account, fixing it should always be your highest priority. “

Be the first to comment

Leave a Reply

Your email address will not be published.