google

Google Chrome issue allows overwriting the clipboard content

A security issue in the Google Chrome browser could allow malicious web pages to automatically overwrite clipboard content.

A vulnerability in the Google Chrome browser, as well as Chromium-based browsers, could allow malicious web pages to automatically overwrite the clipboard content without any user interaction and consent simply visiting them.

SecurityAffairs reports, According to a blog post published by the developed Jeff Johnson is issue was introduced in version 104.

“This blog post isn’t just about Google Chrome, it’s also about Safari and Firefox. Chrome is currently the worst offender, because the user gesture requirement for writing to the clipboard was accidentally broken in version 104.” reads the post. “A public demonstration of the brokenness has been posted on Web Platform News. If you simply visit the demonstration page in Google Chrome or a Chromium browser, then your system clipboard will be overwritten with the text below. (It’s all plain text in your clipboard, but I’ve added a hyperlink for your convenience.)”

The developer explained that in Chrome the requirement for a user gesture to copy (selecting a piece of text and pressing Control+C (or ⌘-C for macOS) or selecting “Copy” from the context menu) the content to the clipboard is currently broken.

The expert said that gestures are not limited to the above actions, the following DOM events give a web page permission to use the clipboard API to overwrite your system clipboard:

  • click
  • copy
  • cut
  • focusout
  • keydown
  • keyup
  • mousedown
  • mouseup
  • pointerdown (desktop only)
  • pointerup (desktop only)
  • selectstart

This means that clicking on a link or pressing the arrow key to scroll down the page gives the website permission to overwrite your system clipboard. This issue affects every web browser, including Safari (desktop and mobile) and Firefox.

Recommended:  Google Offering $91,000 Rewards for Linux Kernel, GKE Zero-Days

The capability to overwrite the content of a clipboard allows attackers to potentially conduct multiple malicious activities. An attacker could exploit the issue to replace the wallet address while the victim is performing a transaction. In order to exploit the flaw, threat actors could trick victims into visiting a specially crafted webpage.

“The potential for maliciousness should be obvious. While you’re navigating a web page, the page can without your knowledge erase the current contents of your system clipboard, which may have been valuable to you, and replace them with anything the page wants, which could be dangerous to you the next time you paste.” Johnson added.

Google published an advisory on this issue and is working to fix it.

“After enabling the custom format restriction for all async clipboard methods, we found NewTabPageDoodleShareDialogFocusTest.All test that relies on readText to be called without any user gesture. We are disabling the user gesture requirement for read/writeText for now, but we should revisit this.” reads Google’s advisory.

source

Suggest an edit to this article

Go to Cybersecurity Knowledge Base

Got to the Latest Cybersecurity News

Go to Cybersecurity Academy

Go to Homepage

Stay informed of the latest Cybersecurity trends, threats and developments. Sign up for our Weekly Cybersecurity Newsletter Today.

Remember, CyberSecurity Starts With You!

  • Globally, 30,000 websites are hacked daily.
  • 64% of companies worldwide have experienced at least one form of a cyber attack.
  • There were 20M breached records in March 2021.
  • In 2020, ransomware cases grew by 150%.
  • Email is responsible for around 94% of all malware.
  • Every 39 seconds, there is a new attack somewhere on the web.
  • An average of around 24,000 malicious mobile apps are blocked daily on the internet.
Bookmark
Recommended:  Google Chrome Zero-Day Bugs Exploited Weeks Ahead of Patch
Share the word, let's increase Cybersecurity Awareness as we know it

Leave a Comment

Your email address will not be published. Required fields are marked *

RiSec Captcha − 2 = 1