Browser exploit

From Wikipedia, the free encyclopedia
Jump to navigation Jump to search

A browser exploit is a form of malicious code that takes advantage of a flaw or vulnerability in an operating system or piece of software with the intent to breach browser security to alter a user's browser settings without their knowledge.[1] Malicious code may exploit ActiveX, HTML, images, Java, JavaScript, and other Web technologies and cause the browser to run arbitrary code.


Users whose web browsers have fallen victim of a successful browser exploit may find their homepage, search page, and/or favorites have been changed. Other signs include Internet settings options within the browser being altered, access being blocked to specific functions, and the redirection of incorrectly typed URL prefixes.


There are multiple ways users can protect their web browsers from falling victim to a browser exploit. Such things include installing firewall software, keeping software updated, being cautious when downloading files, and not opening email attachments from unknown sources.

Notable browser exploits[edit]

JailbreakMe is a series of browser based exploits used to jailbreak Apple's iOS mobile operating system. It uses an exploit in the browser's PDF parser to execute unauthorised code and gain access to the underlying operating system.

See also[edit]


  1. ^ Sood, Aditya K.; Zeadally, Sherali (2016-09-28). "Drive-By Download Attacks: A Comparative Study". IT Professional. 18 (5): 18–25. doi:10.1109/MITP.2016.85. ISSN 1520-9202. S2CID 27808214.

External links[edit]