Jump to content

Browser exploit: Difference between revisions

From Wikipedia, the free encyclopedia
Browse history interactively
← Previous editNext edit →
Content deleted Content added
VisualWikitext
added a citation
Citation bot (talk | contribs)
Bots
5,693,605 edits
Alter: url. URLs might have been anonymized. Add: s2cid, authors 1-1. Removed parameters. Some additions/deletions were parameter name changes. | Use this bot. Report bugs. | Suggested by Whoop whoop pull up | Category:Web browsers | #UCB_Category 41/125
Line 1: Line 1:
{{Refimprove|date=January 2017}}
{{Refimprove|date=January 2017}}
A '''browser exploit''' is a form of malicious code that takes advantage of a flaw or vulnerability in an operating system or piece of software with the intent to breach [[browser security]] to alter a user's browser settings without their knowledge.<ref>{{Cite journal|last=Sood|first=Aditya K.|last2=Zeadally|first2=Sherali|date=2016-09-28|title=Drive-By Download Attacks: A Comparative Study|url=http://ieeexplore.ieee.org/document/7579103/|journal=IT Professional|volume=18|issue=5|pages=18–25|doi=10.1109/MITP.2016.85|issn=1520-9202}}</ref> Malicious code may exploit [[ActiveX]], [[HTML]], images, [[Java (programming language)|Java]], [[JavaScript]], and other Web technologies and cause the browser to run arbitrary code.
A '''browser exploit''' is a form of malicious code that takes advantage of a flaw or vulnerability in an operating system or piece of software with the intent to breach [[browser security]] to alter a user's browser settings without their knowledge.<ref>{{Cite journal|last1=Sood|first1=Aditya K.|last2=Zeadally|first2=Sherali|date=2016-09-28|title=Drive-By Download Attacks: A Comparative Study|url=https://ieeexplore.ieee.org/document/7579103|journal=IT Professional|volume=18|issue=5|pages=18–25|doi=10.1109/MITP.2016.85|s2cid=27808214|issn=1520-9202}}</ref> Malicious code may exploit [[ActiveX]], [[HTML]], images, [[Java (programming language)|Java]], [[JavaScript]], and other Web technologies and cause the browser to run arbitrary code.


==Symptoms==
==Symptoms==

Revision as of 04:09, 20 December 2021

A browser exploit is a form of malicious code that takes advantage of a flaw or vulnerability in an operating system or piece of software with the intent to breach browser security to alter a user's browser settings without their knowledge.[1] Malicious code may exploit ActiveX, HTML, images, Java, JavaScript, and other Web technologies and cause the browser to run arbitrary code.

Symptoms

Users whose web browsers have fallen victim of a successful browser exploit may find their homepage, search page, and/or favorites have been changed. Other signs include Internet settings options within the browser being altered, access being blocked to specific functions, and the redirection of incorrectly typed URL prefixes.

Prevention

There are multiple ways users can protect their web browsers from falling victim to a browser exploit. Such things include installing firewall software, keeping software updated, being cautious when downloading files, and not opening email attachments from unknown sources.

Notable browser exploits

JailbreakMe is a series of browser based exploits used to jailbreak Apple's iOS mobile operating system. It uses an exploit in the browser's PDF parser to execute unauthorised code and gain access to the underlying operating system.

See also

References

  1. ^ Sood, Aditya K.; Zeadally, Sherali (2016-09-28). "Drive-By Download Attacks: A Comparative Study". IT Professional. 18 (5): 18–25. doi:10.1109/MITP.2016.85. ISSN 1520-9202. S2CID 27808214.
Retrieved from "https://en.wikipedia.org/w/index.php?title=Browser_exploit&oldid=1061182053"