Search Suggestions Can Crash Browsers

Friday, July 29, 2016 @ 04:07 PM gHale


There is a new way to crash Chromium and Firefox browsers on mobile and desktop devices.

The method relies on using the search suggestions feature these browsers support.

The issue is not a software bug but a design implementation that allows the attack to work, said researchers at Nightwatch Cybersecurity.

Most of today’s browsers have a search field or allow users to search via the URL address bar. Based on the search engines supported inside the browser, search suggestions can be shown as the user types their query.

If the browser’s search engine provider doesn’t protect these search suggestions via an encrypted HTTPS channel, an attacker on the local network can intercept search suggestion queries and answer before the search provider does, Nightwatch researchers said in a blog post.

An attacker can insert large chunks of data inside this response, which can lead to the browser or the operating system exhausting memory resources and eventually crashing.

Researchers weren’t able to execute malicious code during these crashes, which would have caused more problems for browser makers.

During their tests, researchers were able to crash the Android stock browser on Android 4.4, Chrome 51 on Android 6.01, and Firefox 47 on Ubuntu 16.04. Additionally, they also crashed the entire Ubuntu 16.04 OS when running Chrome 51.

In order for this crash to occur, as mentioned above, users need to use a browser built-in search provider that doesn’t employ HTTPS. The list includes Ebay on Firefox, AOL and Ask.com on Chrome, and Bing and Yahoo on Android’s stock browser.
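The precondition above is a suggestion endpoint served over plain HTTP. As an added example (not code from the article or from Nightwatch), the following Python check audits OpenSearch search-engine descriptors, the XML format browsers such as Firefox accept for adding search providers, and flags any suggestion URL that is not HTTPS; the two descriptors and their hostnames are constructed samples.

```python
import xml.etree.ElementTree as ET
from urllib.parse import urlparse

OPENSEARCH_NS = "http://a9.com/-/spec/opensearch/1.1/"
# OpenSearch Url types that carry type-ahead suggestions rather than result pages
SUGGEST_TYPES = {"application/x-suggestions+json", "application/x-suggestions+xml"}

# Constructed sample descriptors (not from the article). The first serves
# suggestions over HTTPS; the second exposes them over plain HTTP.
SAFE_ENGINE = """<OpenSearchDescription xmlns="http://a9.com/-/spec/opensearch/1.1/">
  <ShortName>SafeSearch</ShortName>
  <Url type="text/html" template="https://search.example/?q={searchTerms}"/>
  <Url type="application/x-suggestions+json"
       template="https://search.example/suggest?q={searchTerms}"/>
</OpenSearchDescription>"""

WEAK_ENGINE = """<OpenSearchDescription xmlns="http://a9.com/-/spec/opensearch/1.1/">
  <ShortName>WeakSearch</ShortName>
  <Url type="text/html" template="https://weak.example/?q={searchTerms}"/>
  <Url type="application/x-suggestions+json"
       template="http://weak.example/suggest?q={searchTerms}"/>
</OpenSearchDescription>"""


def insecure_suggestion_urls(descriptor_xml: str) -> list[str]:
    """Return the suggestion templates in a descriptor that are not served over HTTPS.

    Each one is a suggestion channel that a host on the same network could answer
    in place of the provider, which is the precondition for the crash described above.
    """
    root = ET.fromstring(descriptor_xml)
    findings = []
    for url in root.iter(f"{{{OPENSEARCH_NS}}}Url"):
        if url.get("type") not in SUGGEST_TYPES:
            continue  # result-page URLs are out of scope for this check
        template = url.get("template", "")
        if urlparse(template).scheme.lower() != "https":
            findings.append(template)
    return findings


def audit(descriptors: dict[str, str]) -> dict[str, list[str]]:
    """Map engine name -> list of non-HTTPS suggestion templates (empty list = OK)."""
    return {name: insecure_suggestion_urls(xml) for name, xml in descriptors.items()}


if __name__ == "__main__":
    for name, bad in audit({"safe": SAFE_ENGINE, "weak": WEAK_ENGINE}).items():
        print(f"{name}: {'OK' if not bad else 'WEAK ' + ', '.join(bad)}")
```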