Browser exploit: Difference between revisions
Line 15: | Line 15: | ||
==Framework== |
==Framework== |
||
[[Exploit Pack |
[[Exploit Pack [XSS Paradise]] is the ultimate resource to test the security or insecurity of your browser. |
||
==See also== |
==See also== |
Revision as of 15:13, 26 April 2013
A browser exploit is a form of malicious code that takes advantage of a flaw or vulnerability in an operating system or piece of software with the intent to breach browser security to alter a user's browser settings without their knowledge. Malicious code may exploit ActiveX, HTML, images, Java, JavaScript, and other Web technologies and cause the browser to run arbitrary code.
Symptoms
Users whose web browsers have fallen victim of a successful browser exploit may find their homepage, search page, and/or favorites have been changed. Other signs include Internet settings options within the browser being altered, access being blocked to specific functions, and the redirection of incorrectly typed URL prefixes.
Prevention
There are multiple ways users can protect their web browsers from falling victim to a browser exploit. Such things include installing firewall software, keeping software updated, being cautious when downloading files, and not opening email attachments from unknown sources.
Notable browser exploits
JailbreakMe is a series of browser based exploits used to jailbreak Apple's iOS mobile operating system. It uses an exploit in the browser's PDF parser to execute unauthorised code and gain access to the underlying operating system.
Framework
[[Exploit Pack [XSS Paradise]] is the ultimate resource to test the security or insecurity of your browser.