Click here to read more
Quick read : Avast SafeZone Browser is under risk. It has a security flaw which allow malicious website to steal cookies, Saved passwords, Local files.
Avast Safezone Browser ?
Avast recently launched its own browser Avast SafeZone Browser. It based on Internet Giant Google’s Opensource project Chromium. Avast developer team built with the original source code. Which is Installed only with paid versions of anti-virus software. Which is also know as avastium. Google Project Zero researcher Tavis Ormandy found vulnerability that could allow an attacker to take control of Avastium when opening an attacker-controlled URL in any other locally installed browser.
By exploiting the security flaw, Attacker can allow access to read your website cookies, Saved password in your browser and full access to your online net banking account. Ormandy made a proof by exploiting the contents of C:\ . But attack can climb whatever he/she need.
This is because, Avast opens a Web accessible RPC service on the local computer that listens on port 27275. A malicious website opened in any browser can send commands to this service by forcing the browser by makeing requests to http://localhost:27275/command.
[wpdevart_like_box profile_id=”1552756811681602″ connections=”show” width=”800″ height=”170″ header=”small” cover_photo=”show” locale=”en_US”]
Joxean Koret, a security researcher who has found vulnerabilities in antivirus products in the past, has advised people on Twitter “not to use the browsers provided by antivirus vendors”.