Google To Roll Out New Chrome Update Against Punycode
Google to roll out Chrome 59 soon.
Google has initiated the rolling out of an update of the beta version of its Chrome browser. The last version (57.0.2987) was experiencing a flaw, making browser vulnerable to the phishing attacks.
It’s all due to the Punycode that uses special ASCII characters in URLs to output Unicode in a browser. This Punycode helps phishers to register fake domains that look familiar to the real website. As an example, it is possible to register domains such as "xn--pple-43d.com", which is equivalent to "аpple.com".
As a proof-of-concept by a software engineer, Xudong Zheng, one such URL appears to direct people to apple.com, but is in reality www.xn--80ak6aa92e.com. The xn-- prefix tells browsers like Chrome that the domain uses ASCII compatible encoding.
The issue was reported to Google on January 20th.
Luckily, Microsoft Edge, Internet Explorer and Safari have already patched the flaw and Google is just catching up as the issue has been fixed in Chrome 59. Currently live in the Canary as an advance beta release, Google will likely make it available to all Chrome users soon.
Recommended For You
- OnePlus 5 vs OnePlus 3T vs OnePlus 3: What Difference to Expect?
- Mithali Raj Shatters World Record, Slams 7th Consecutive ODI Fifty
- Jagga Jasoos: Katrina, Ranbir Look Adorable in the New Song Jhumritalaiyya
- Hockey World League: India Thrash Pak 6-1, to Face Canada in 5th-6th Playoff
- Jaguar Teases E-pace, to Make Global Debut on July 13th