Google To Roll Out New Chrome Update Against Punycode
Last version of Google Chrome was quiet vulnerable to phishing attacks.
Google to roll out Chrome 59 soon.
Google has initiated the rolling out of an update of the beta version of its Chrome browser. The last version (57.0.2987) was experiencing a flaw, making browser vulnerable to the phishing attacks.
It’s all due to the Punycode that uses special ASCII characters in URLs to output Unicode in a browser. This Punycode helps phishers to register fake domains that look familiar to the real website. As an example, it is possible to register domains such as "xn--pple-43d.com", which is equivalent to "аpple.com".
As a proof-of-concept by a software engineer, Xudong Zheng, one such URL appears to direct people to apple.com, but is in reality www.xn--80ak6aa92e.com. The xn-- prefix tells browsers like Chrome that the domain uses ASCII compatible encoding.
The issue was reported to Google on January 20th.
Luckily, Microsoft Edge, Internet Explorer and Safari have already patched the flaw and Google is just catching up as the issue has been fixed in Chrome 59. Currently live in the Canary as an advance beta release, Google will likely make it available to all Chrome users soon.
Recommended For You
- Deepika Padukone, Ranbir Kapoor Walk Down Memory Lane On The Ramp
- Indian Football Will Benefit From Corporate Investment at Grassroots, Says Eugeneson Lyngdoh
- Throwback Thursday: When Sanjay Dutt Said He'd Marry Madhuri Dixit If Given an Option
- Jacqueline Fernandez Thinks These Two Stars Are The Fittest Actors In Bollywood
- Throwback Thursday: When Aishwarya Rai's Response To 'If She Still Lives With Her Parents' Won Hearts