Google To Roll Out New Chrome Update Against Punycode
Last version of Google Chrome was quiet vulnerable to phishing attacks.
Google to roll out Chrome 59 soon.
Google has initiated the rolling out of an update of the beta version of its Chrome browser. The last version (57.0.2987) was experiencing a flaw, making browser vulnerable to the phishing attacks.
It’s all due to the Punycode that uses special ASCII characters in URLs to output Unicode in a browser. This Punycode helps phishers to register fake domains that look familiar to the real website. As an example, it is possible to register domains such as "xn--pple-43d.com", which is equivalent to "аpple.com".
As a proof-of-concept by a software engineer, Xudong Zheng, one such URL appears to direct people to apple.com, but is in reality www.xn--80ak6aa92e.com. The xn-- prefix tells browsers like Chrome that the domain uses ASCII compatible encoding.
The issue was reported to Google on January 20th.
Luckily, Microsoft Edge, Internet Explorer and Safari have already patched the flaw and Google is just catching up as the issue has been fixed in Chrome 59. Currently live in the Canary as an advance beta release, Google will likely make it available to all Chrome users soon.
Recommended For You
- Is Shah Rukh Khan Having A Fourth Kid? Find Out Here
- Sidharth Malhotra On Aiyaary And PadMan Clash: It Irritates, But Now It's Too Late
- All-New Maruti Suzuki Swift First Drive Review: Everything Done Right
- Stop Monkeying Around, Farhan Akhtar & Prakash Raj Tell Satyapal Singh; Minister Defiant
- 'This is the Best Catch You Will Ever See,' Weatherald Takes a Blinder in BBL