Browser crashes and OS freezes caused by a bug in the technology of search suggestions.
An experiment made by security researchers from Nightwatch Cybersecurity reveals that Chrome, Firefox, and Android ASOP are vulnerable to crashes. Crashes are observed either on the desktop and mobile versions of the browsers. They are caused by a bug in the search suggestions requests.
What Exactly Causes the Crashes?
In situations when we need to find some information on the Internet we just open our browser and do a search for a certain term. We can type and search for different queries in the search fields or right from the URL address bar in the browsers. Most of today’s browsers support this feature. One of the specifics of this feature is displaying similar suggestions when a given query is typed. The search suggestions feature that is a part of the working mechanism of the browsers is the key to causing browser crashes.
Let’s go deeper on this issue.
It’s the OpenSearch Suggestions Extension that allows browsers and other applications to send keyword queries to the servers of the search engines. According to the security experts from Nightwatch, the browser’s search engine provider has to protect these search suggestions using encrypted HTTPS channel. Otherwise, there is a loophole that allows an attacker on the local network to obstruct the search suggestions queries and send back an answer before the search provider. The root of a successful “browser-crash attack” is in the size of the response. Browsers do not check for the size of the search suggestions returns. So if the attacker inserts 2+GB of data inside the search suggestion response, the result will be drained browser or system memory resources. This, in turn, leads to browser crashes or OS freezes.
Which Are the Affected Browsers?
The test made by the security researchers led to successful crashes on:
- Android AOSP stock browser on Android (v4.4)
- Chrome v51 on Android (v6.01)
- Chrome v51 on desktop Linux (Ubuntu v16.04)
- Firefox v47 on desktop Linux (Ubuntu v16.04) and Android (v6.01)
Furthermore, the users of some browser built-in search providers are vulnerable to this attack because the lack of HTTPS channel. The list includes:
- Ask.com and AOL on Google Chrome
- Bing and Yahoo on Android’s stock browser
- Ebay on Mozilla Firefox
Is There Any Danger to the Security?
The researchers have tried to execute malicious code during the crashes. Fortunately, they had no success. Hopefully, the teams of Chrome, Android and Firefox will fix this issue soon. The good news is that the bug doesn’t appear to be a security issue.
Currently, browsers Safari, Internet Explorer and Edge are not among the affected by this bug in search suggestions. However, Safari is not such an exception as it had faced some crash problems at the start of the year.