According to the latest reports, recently a well-known security researcher has discovered a new critical flaw that has the ability to block or freeze your browser and computer. In recent months, the well-known security researcher, Sabri Haddouche has been devoting himself to investigating denial-of-service attacks that cause most-used web browsers to block or freeze. Without going any further, last week this expert made known an attack developed by him that reboots the iPhone and slows the Mac.
This Critical Bug Can Crash Your Browser And Computer
If you think hackers always make money by engaging in criminal activity, then you were wrong! Giant companies like Google, Facebook now have bug bounty programs in which security researchers were rewarded for disclosing existing flaws in the system. But, apart from bug bounty programs, there are also security researchers who seek to find flaws but, not for any reward.
Recently, a well-known security researcher, Sabri Haddouche has discovered a new attack that has the ability to block or freeze Firefox on your computer. To make the browser to crash, all that is required is that the user has to visit a webpage with malicious JavaScript code embedded.
In recent months, the well-known security researcher, Sabri Haddouche has been devoting himself to investigating denial-of-service attacks that cause most-used web browsers to block or freeze. Without going any further, last week this expert made known an attack developed by him that reboots the iPhone and slows the Mac.
On this occasion, the researcher has focused on finding a vulnerability in the Mozilla’s well-known web browser, of course, the Firefox that allows him to block or restart Firefox, and finally he has found a way to do it.
Also read: How To Protect Mozilla Firefox Browser With Password
As on other occasions, the attack is very easy to execute, since it is triggered at the moment in which a user accesses a website with a malicious JavaScript code.
(and yes, it includes a crash / freeze for Firefox and its source code as promised) pic.twitter.com/Q6UlBWIXe6
— Sabri (@pwnsdx) September 23, 2019
In particular, the attack works by overloading the IPC (Inter-Process Communication) channel between the main browser process and a secondary process, which causes the program to freeze and crash.
“What happens is that we generate a file that contains an extremely long file name and we ask the user to download it every 1ms, which causes the IPC channel to be flooded,” says the well-known security researcher, of course, Sabri Haddouche.
But this is not all. If the attack continues to overload the IPC channel, it may begin to consume the computer’s resources in large quantities, which at the same time may cause the operating system to crash.
Also read: How To Remotely Shutdown PC From Anywhere With Smartphone
The well-known security researcher, of course, I am talking about the Sabri Haddouche has tested the effectiveness of his attack in the latest versions of Firefox Quantum, Firefox Beta and the desktop clients of Firefox Nightly. Of course, the browser version for mobile devices, fortunately, is not affected by this attack.
However, now according to the latest reports, Mozilla has already started working to solve the problem and prevent the attack from being used. So, what do you think about this new critical Firefox bug? Simply share all your views and thoughts in the comment section below.
