- Jul 22, 2014
- 2,525
Google announced plans today for three new Chrome security features that will block websites from sneakily redirecting users to new URLs without the user or website owner's consent.
While all three additions are welcomed, one of these features has the potential to stop a few malvertising campaigns dead in their tracks, and could potentially disrupt the malware scene in the next few months.
Chrome will block iframe redirects
The first of these three features — and the most important — will land in Chrome 64, scheduled for an official release in late January 2018.
Starting with v64, Chrome will block URL redirection attempts triggered by code loaded inside iframes embedded in a page.
Most website owners don't use iframes when creating their sites and iframes usually end up on a page loaded via ads.
Malicious ads — also known as malvertising — will use JavaScript code loaded inside these iframes to redirect users to malicious sites.
By blocking iframes from redirecting users to new sites, Google will be putting a huge dent in malvertising campaigns starting next year.
"I think this will be a HUGE help," Gary Warner, Director of Research in Computer Forensics at the University of Alabama at Birmingham (UAB), told Bleeping Computer in a private conversation.
. ..
While all three additions are welcomed, one of these features has the potential to stop a few malvertising campaigns dead in their tracks, and could potentially disrupt the malware scene in the next few months.
Chrome will block iframe redirects
The first of these three features — and the most important — will land in Chrome 64, scheduled for an official release in late January 2018.
Starting with v64, Chrome will block URL redirection attempts triggered by code loaded inside iframes embedded in a page.
Most website owners don't use iframes when creating their sites and iframes usually end up on a page loaded via ads.
Malicious ads — also known as malvertising — will use JavaScript code loaded inside these iframes to redirect users to malicious sites.
By blocking iframes from redirecting users to new sites, Google will be putting a huge dent in malvertising campaigns starting next year.
"I think this will be a HUGE help," Gary Warner, Director of Research in Computer Forensics at the University of Alabama at Birmingham (UAB), told Bleeping Computer in a private conversation.
. ..