A little known feature of modern browsers can be used to install malware on victimsâ€™ computers. The discovery, documented by Google security engineer Michal Zalewski, was demonstrated in a proof of concept attack on Tuesday.
The attack is based on the fact that one document can navigate other, non-same-origin windows to URLs of choice that may contain malware. When this feature is successfully exploited, the attacker can initiate a malicious download that appears to originate from a legitimate page.
The social engineering part is extremely efficient, as the attacker can force the malicious download on a page the user would normally expect to offer a legitimate file. More than that, the address of the website will not get updated to reflect the redirect, which is reassuring enough for the average user.
â€œThe problem also poses an interesting challenge to sites that frame gadgets, games, or advertisements from third-party sources; evenÂ HTML5 sandboxed framesÂ permit the initiation of rogue downloads, wrote Zalewski on his blog.
The proof-of-concept code has been confirmed to work with the top three browsers (Chrome, Internet Explorer and Firefox). Although all three vendors have been notified, no fix is available yet. The report also states that, apart from Google, other vendors will likely not address the issue.
All product and company names mentioned herein are for identification purposes only and are the property of, and may be trademarks of, their respective owners.