For others, the browser may crash entirely.Īs the attack continues to flood the IPC channel it could also consume large amounts of memory or pin the CPU usage as shown in Task Manager below. When a Firefox desktop users visits a page hosting this attack, their browser will quickly become unresponsive and they may see a "Not Responding" screen in Windows as shown below. "What happens is that we generate a file (a blob) that contains an extremely long filename and prompt the user to download it every 1ms, therefore it flood the IPC channel between the child and main process, making the browser at the very least freeze." Haddouche told BleepingComputer in an interview. This causes the browser to freeze and ultimately crash. This attacks works by flooding the IPC channel between the main Firefox browser process and a child process. (and yes, it includes a crash / freeze for Firefox and its source code as promised) /Q6UlBWIXe6 Some of the attacks created by Haddouche could even be used to crash an iPhone using CSS and HTML. This attack was created by Sabri Haddouche, a security researcher at Wire, who has been releasing denial-of-service attacks that cause popular web browsers to crash or freeze. A new attack has been created that can crash or freeze the Mozilla Firefox desktop browser simply by visiting a web page that contains an embedded JavaScript script.
0 Comments
Leave a Reply. |