This Microsoft Edge bug allows hackers to steal your information

Microsoft released updates for its Edge browser last week that fix two security bugs, one of which is a security-feature bypass that can be used to inject and execute arbitrary code in the context of any website the user translates.

The vulnerability, tracked as CVE-2021-34506 (CVSS score: 5.4), is a universal cross-site scripting (UXSS) bug that is triggered when Microsoft Translator, the browser's built-in feature for automatically translating web pages, is used, as reported by The Hacker News.

Ignacio Laurence, Vansh Devgan, and Shivam Kumar Singh with CyberXplore Private Limited are credited for identifying and reporting CVE-2021-34506.


“Unlike the common XSS attacks, UXSS is a type of attack that exploits client-side vulnerabilities in the browser or browser extensions in order to generate an XSS condition, and execute malicious code,” CyberXplore researchers said in their blog post.

“When such vulnerabilities are found and exploited, the behavior of the browser is affected, and its security features may be bypassed or disabled.”


According to the reports, the translation feature failed to sanitize the page text it processed. An attacker who can place content on a page (a comment, a profile field) can therefore supply malicious JavaScript that is written back into the document and executes, in the origin of the site being translated rather than the attacker's own, when the user clicks the translate prompt in the address bar.

As a proof-of-concept (PoC) exploit, the researchers showed that a comment on a YouTube video, written in a language other than English and carrying an XSS payload, is enough to trigger the attack once the page is translated.

Similarly, a Facebook friend request whose profile contained non-English content together with the XSS payload ran the code as soon as the recipient viewed that user's profile.
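
The pattern described above, as an added example that is not code from Edge or from the CyberXplore write-up: a stand-in translation routine that passes markup through unchanged, the unsafe HTML-sink write beside two hardened versions, and a small check for event-handler markup. The `fakeTranslate` stub and the sample comment are assumptions constructed for this illustration; in a browser the sinks would be `element.innerHTML` and `element.textContent`.

```javascript
// Added illustration (not Microsoft Edge's code): why a translation feature
// that rewrites page content is an XSS sink, and how to keep it safe.
//
// Model: the feature reads text from the page, sends it to a translation
// service, and writes the translated text back into the DOM. If the write
// uses an HTML sink (innerHTML), any markup that survives translation is
// parsed and runs as script in the origin of the page being translated.

// Constructed sample input, modelled on the researchers' PoC: a comment on a
// third-party site, in non-English text, carrying an XSS payload.
const SAMPLE_COMMENT = 'Bonjour <img src=x onerror="alert(document.domain)">';

// Stand-in for the translation service (assumption for this example): it
// translates the words and passes everything else through untouched.
function fakeTranslate(text) {
  return text.replace(/Bonjour/g, 'Hello');
}

// Standard HTML entity escaping for text placed inside an element's content.
function escapeHtml(s) {
  const map = { '&': '&amp;', '<': '&lt;', '>': '&gt;', '"': '&quot;', "'": '&#39;' };
  return s.replace(/[&<>"']/g, (c) => map[c]);
}

// Vulnerable pattern: translated text is concatenated into markup that the
// caller assigns to element.innerHTML. The payload's <img onerror=...> is
// parsed as an element and its handler fires in the page's origin.
function renderTranslatedUnsafe(sourceText) {
  return `<span class="translated">${fakeTranslate(sourceText)}</span>`;
}

// Hardened pattern 1: escape before building markup, so the payload is shown
// as literal characters rather than parsed as a tag.
function renderTranslatedSafe(sourceText) {
  return `<span class="translated">${escapeHtml(fakeTranslate(sourceText))}</span>`;
}

// Hardened pattern 2: skip markup entirely and write through a text sink.
// `el` is a DOM element in a browser; any object with a textContent property
// works for this offline demonstration.
function writeTranslationAsText(el, sourceText) {
  el.textContent = fakeTranslate(sourceText);
  return el;
}

// Quick check a reviewer or test can run over rendered markup: does it contain
// a script element, or any tag carrying an on* event-handler attribute?
// Heuristic only (a real HTML parser is the authoritative answer), but it
// catches the patterns used in the PoC.
function containsActiveMarkup(html) {
  return /<script\b/i.test(html) || /<[a-z][^>]*\son[a-z]+\s*=/i.test(html);
}

// Stand-alone demonstration.
const unsafe = renderTranslatedUnsafe(SAMPLE_COMMENT);
const safe = renderTranslatedSafe(SAMPLE_COMMENT);
console.log('innerHTML sink -> active markup:', containsActiveMarkup(unsafe)); // true
console.log('escaped        -> active markup:', containsActiveMarkup(safe));   // false
console.log('textContent    ->', writeTranslationAsText({}, SAMPLE_COMMENT).textContent);
```

The point of the two hardened variants is that the translated string is data, never markup: either it is escaped before reaching an HTML sink, or it is written through a sink that cannot create elements at all. Either choice removes the injection regardless of what the translation service returns.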

 

Following responsible disclosure on June 3, Microsoft fixed the bug on June 24 and awarded the researchers a $20,000 bounty under its bug bounty program.

Users should update to the latest version of the Edge browser. The latest version of the Chromium-based browser (91.0.864.59) can be installed by opening Settings and more > About Microsoft Edge (edge://settings/help), which checks for and applies updates.
