Security News

Google Chrome has fixed a bug that enabled antivirus programs on Windows 10 to lock newly created files. The patching of the bug means antivirus programs running on Windows would no longer block new files generated by the Chrome web browser, such as bookmarks.

Google is experimenting with increased storage for the browser cache to reduce the performance hit caused by the recently added partitioned cache feature. To prevent these side-channel attacks, Google added a new feature to Chrome 85 that partitions the browser's disk cache so that each site utilizes its own cache that cannot be read by other sites.

Google has disabled a feature that displays a warning when submitting insecure forms after receiving many complaints from users and website administrators. Google has been focusing on removing mixed-content in Google Chrome, when a secure page loads content from an insecure URL. As part of this initiative, Google rolled out a new feature in Chrome 86 that warns users when submitting insecure forms from a secure page to an insecure URL. Submitting an insecure form would display a warning about the risks of doing so and asks the user if they wish to continue submitting the information.

Malware hidden in 28 third-party extensions for Google Chrome and Microsoft Edge redirects users to ads or phishing sites, Avast warned this week. These extensions were designed to redirect users to other websites.

Malicious Chrome and Edge browser extensions with over 3 million installs, most of them still available on the Chrome Web Store and the Microsoft Edge Add-ons portal, are capable of stealing users' info and redirecting them to phishing sites. While Avast spotted the extensions in November 2020, they estimate that they could have been used for malicious purposes for years given that some Chrome Web Store reviewers have reported link hijacking starting with December 2018.

A Mozilla Foundation update to the Firefox web browser, released Tuesday, tackles one critical vulnerability and a handful of high-severity bugs. The specific critical bug in Firefox was also highlighted earlier this month in Google's Chrome browser security update, where it was rated as a high-severity flaw.

Some ad networks are known for ruining Google Chrome's web browsing experience with videos or large images. In September, Google announced that it will start disbanding ad iframes using too many system resources.

When searching for things online, has a greater number of ads than usual been popping up at the top of your search results? If it has, and you're using Microsoft Edge, Google Chrome, Yandex Browser, or Mozilla Firefox, you might have fallen prey to the ad-injecting Adrozek malware. Modifying browser extensions by adding malicious scripts to them, which fetch additional scripts to injecting advertisements into search results.

Microsoft on Thursday took the wraps off an ongoing campaign impacting popular web browsers that stealthily injects malware-infested ads into search results to earn money via affiliate advertising. The campaign - which impacts Microsoft Edge, Google Chrome, Yandex Browser, and Mozilla Firefox browsers on Windows - aims to insert additional, unauthorized ads on top of legitimate ads displayed on search engine results pages, leading users to click on these ads inadvertently.

On Thursday Microsoft warned that there's an ongoing campaign to distribute malware that modifies web browsers to conduct credential theft and ad fraud. Since at least May, 2020, unidentified cybercriminals have been distributing a family of browser modifiers dubbed Adrozek, Microsoft said.