Newsletter Archives

  • Google Chrome Browser Vulnerability – check your “where to save file” settings

    Posted on May 20, 2017 at 19:16 CDT by Comment in the Forums

    Last week, a new topic was posted on a vulnerability on Google Chrome Browser over on Code Red – security advisories.

    Kirsty wrote:
    From Catalin Cimpanu, on bleepingcomputer.com:

    Just by accessing a folder containing a malicious SCF file, a user will unwittingly share his computer’s login credentials with an attacker via Google Chrome and the SMB protocol.

    Users can do this by visiting:
    Settings -> Show advanced settings -> Ask where to save each file before downloading

    More advanced protection measures include blocking outbound SMB requests via firewalls, so local computers can’t query remote SMB servers.

     
    Bosko Stankovic, on defense.com said:

    With its default configuration, Chrome browser will automatically download files that it deems safe without prompting the user for a download location but instead using the preset one. From a security standpoint, this feature is not an ideal behavior

    In order to disable automatic downloads in Google Chrome, the following changes should be made: Settings -> Show advanced settings -> Check the Ask where to save each file before downloading option. Manually approving each download attempt significantly decreases the risk of NTLMv2 credential theft attacks using SCF files.

     
    scmagazine.com discussed this issue in Greg Masters’ article – see today’s post on this over on Google Chrome Flaw Could Allow Windows Credential Theft

    Now would be a good time to check that your browser is set to ask where to save downloads, even if you use another brand.

    Security , , ,
DON'T MISS OUT!
Subscribe to the Free Newsletter
We promise not to spam you. Unsubscribe at any time.
Invalid email address

View the Forum

  • Recent Replies
  • My Replies
  • My Active Topics
  • New Posts in the Last day
  • Private Messages
  • Knowledge Base
  • How to use the Forums
  • All Forums

    • Recent Topics

    My Profile

    April 2025
    S M T W T F S
     12345
    6789101112
    13141516171819
    20212223242526
    27282930  

    Remembering Woody

     

    Want to Advertise in the free newsletter? How about a gift subscription in honor of a birthday? Send an email to sb@askwoody.com to ask how.

    Mastodon profile for DefConPatch
    Mastodon profile for AskWoody

     

    Home About FAQ Posts & Privacy Forums My Account
    Register Free Newsletter Plus Membership Gift Certificates MS-DEFCON Alerts

    Copyright ©2004-2025 by AskWoody Tech LLC. All Rights Reserved.