Slashdot Mirror

← Back to Stories (view on slashdot.org)

Insecure Plugins Ding IE, Safari, Chrome, Opera

Posted by kdawson on from the black-powder-in-the-sandbox dept.

krebsonsecurity writes "The Web browser wars often focus on which browser is more secure, but the dirty secret is that insecure plugins are a serious threat to all browsers, from the perspectives of both stability and security. Krebsonsecurity.com features an informative look at the administration page for a popular browser exploit kit called Eleonora, which suggests that plugins like Adobe Reader and Java are leading to successful compromises for users surfing not just with Internet Explorer, but also with Google Chrome, Firefox, Safari, and Opera."

4 of 141 comments (clear)

  1. Headline? by Anonymous Coward · · Score: 3, Interesting

    Why doesn't the headline list Firefox, too?

  2. Re:Sandboxing? by Anonymous Coward · · Score: 3, Interesting

    From page 30 of the Chrome Comic (http://www.google.com/googlebooks/chrome/small_30.html)

    "Plugins have capabilities that aren't public standards, so we can't sandbox these yet."
    "Though with some small changes on the part of the plugin makers, we can get them to run at a lower privilege which would be much safer."

  3. Re:Sandboxing? by jpmorgan · · Score: 5, Interesting

    IE7/8 uses NT6.x's mandatory access control mechanism to run itself in 'protected mode,' which really just means it's running as a low integrity process with minimal system access. It also uses a different plugin model from Chrome and Firefox, and yes, it tries to run plugins inside the low-integrity sandbox.

    The problem is that Sun and Adobe took the shortcut of explicitly breaking the sandbox (from the outside) rather than make Java and Flash work within it.

  4. Re:Wrong. Extensions can use native code. by QuoteMstr · · Score: 3, Interesting

    Even pure Javascript extensions aren't "secure". They can access all the usual XPCOM interfaces to do nasty things like overwrite all your files, and in later versions, they can use the Javascript foreign function interface to call any code C++ could.

    It is essential to look at Javascript extensions as having the same security properties as native code ones.

    However, plugins can be safer because their more clearly delineated NPAPI interface allows them to be run out of process, where in principle, they can be sandboxed.