Forums
New posts
Search forums
News
Security News
Technology News
Giveaways
Giveaways, Promotions and Contests
Discounts & Deals
Reviews
Users Reviews
Video Reviews
Support
Windows Malware Removal Help & Support
Inactive Support Threads
Mac Malware Removal Help & Support
Mobile Malware Removal Help & Support
Blog
Log in
Register
What's new
Search
Search titles only
By:
Search titles only
By:
Reply to thread
Menu
Install the app
Install
JavaScript is disabled. For a better experience, please enable JavaScript in your browser before proceeding.
You are using an out of date browser. It may not display this or other websites correctly.
You should upgrade or use an
alternative browser
.
Forums
Software
Browsers
Chrome & Chromium
Chrome 87 released with fix for NAT Slipstream attacks, broader FTP deprecation
Message
<blockquote data-quote="silversurfer" data-source="post: 914481" data-attributes="member: 26718"><p>Source: <a href="https://www.zdnet.com/article/chrome-87-released-with-fix-for-nat-slipstream-attacks-broader-ftp-deprecation/" target="_blank">Chrome 87 released with fix for NAT Slipstream attacks, broader FTP deprecation | ZDNet</a></p><p></p><p>Google has released today version 87 of its Chrome browser, a release that comes with a security fix for the NAT Slipstream attack technique and a broader deprecation of the FTP protocol.</p><p></p><p>Todays' release is available for Windows, Mac, Linux, Chrome OS, Android, and iOS. Users can update to the new version via Chrome's built-in update utility.</p><p></p><p>While in previous versions, Google has shipped some changes to Chrome settings and UI elements, almost all the major new Chrome 87 features are aimed at web developers.</p><p></p><p>In Chrome 87, we have new APIs and updates to Chrome's built-in Developer Tools, such as:</p><ul> <li data-xf-list-type="ul">Support for the new Cookie Store API;</li> <li data-xf-list-type="ul">New features to allow easier modification of web fonts via CSS;</li> <li data-xf-list-type="ul">A new feature to let websites <a href="https://web.dev/local-fonts/" target="_blank">enumerate all the locally installed fonts</a></li> <li data-xf-list-type="ul">Support for pan, tilt, and zoom controls on webcam streams; and,</li> <li data-xf-list-type="ul">Support for debugging WebAuthn operations via the Chrome DevTools.</li> </ul><p>NAT SLIPSTREAM ATTACK FIXES</p><p>Chrome 87 also comes with a fix for a new attack disclosed at the end of October by <a href="https://en.wikipedia.org/wiki/Samy_Kamkar" target="_blank">Samy Kamkar</a>, a famous security researcher and computer hacker.</p><p></p><p>Named <a href="https://samy.pl/slipstream/" target="_blank">NAT Slipstream</a>, this technique allows attackers to bypass firewalls and make connections to internal networks by tricking users into accessing malicious sites — effectively turning Chrome into a proxy for attackers.</p><p></p><p>Chrome 87 will be the first browser to block NAT Slipstream attacks by <a href="https://www.chromestatus.com/feature/5064283639513088" target="_blank">blocking access to ports 5060 and 5061</a>, which the attack uses to bypass firewalls and <a href="https://en.wikipedia.org/wiki/Network_address_translation" target="_blank">network address translation (NAT)</a> schemes.</p><p></p><p><em>Read more below:</em></p><p>[URL unfurl="true"]https://www.zdnet.com/article/chrome-87-released-with-fix-for-nat-slipstream-attacks-broader-ftp-deprecation/[/URL]</p></blockquote><p></p>
[QUOTE="silversurfer, post: 914481, member: 26718"] Source: [URL='https://www.zdnet.com/article/chrome-87-released-with-fix-for-nat-slipstream-attacks-broader-ftp-deprecation/']Chrome 87 released with fix for NAT Slipstream attacks, broader FTP deprecation | ZDNet[/URL] Google has released today version 87 of its Chrome browser, a release that comes with a security fix for the NAT Slipstream attack technique and a broader deprecation of the FTP protocol. Todays' release is available for Windows, Mac, Linux, Chrome OS, Android, and iOS. Users can update to the new version via Chrome's built-in update utility. While in previous versions, Google has shipped some changes to Chrome settings and UI elements, almost all the major new Chrome 87 features are aimed at web developers. In Chrome 87, we have new APIs and updates to Chrome's built-in Developer Tools, such as: [LIST] [*]Support for the new Cookie Store API; [*]New features to allow easier modification of web fonts via CSS; [*]A new feature to let websites [URL='https://web.dev/local-fonts/']enumerate all the locally installed fonts[/URL] [*]Support for pan, tilt, and zoom controls on webcam streams; and, [*]Support for debugging WebAuthn operations via the Chrome DevTools. [/LIST] NAT SLIPSTREAM ATTACK FIXES Chrome 87 also comes with a fix for a new attack disclosed at the end of October by [URL='https://en.wikipedia.org/wiki/Samy_Kamkar']Samy Kamkar[/URL], a famous security researcher and computer hacker. Named [URL='https://samy.pl/slipstream/']NAT Slipstream[/URL], this technique allows attackers to bypass firewalls and make connections to internal networks by tricking users into accessing malicious sites — effectively turning Chrome into a proxy for attackers. Chrome 87 will be the first browser to block NAT Slipstream attacks by [URL='https://www.chromestatus.com/feature/5064283639513088']blocking access to ports 5060 and 5061[/URL], which the attack uses to bypass firewalls and [URL='https://en.wikipedia.org/wiki/Network_address_translation']network address translation (NAT)[/URL] schemes. [I]Read more below:[/I] [URL unfurl="true"]https://www.zdnet.com/article/chrome-87-released-with-fix-for-nat-slipstream-attacks-broader-ftp-deprecation/[/URL] [/QUOTE]
Insert quotes…
Verification
Post reply
Top
