Issue 724638

Starred by 1 user

Issue metadata

Status: Duplicate
Merged: issue 722524
Owner: ----
Closed: May 2017
EstimatedDays: ----
NextAction: ----
OS: Windows
Pri: 2
Type: Bug-Security



Windows .SCF attack by automatic file downloading

Reported by facetoth...@gmail.com, May 19 2017

Issue description

UserAgent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.36

Steps to reproduce the problem:
See this article here
https://www.helpnetsecurity.com/2017/05/15/stealing-windows-credentials-using-google-chrome/

What is the expected behavior?
Treat any SCF file as a dangerous file; don't download them automatically.

What went wrong?
We don't block the dangerous SCF file; an attacker can let the user automatically download this file.

An SCF file doesn't need to be opened to run; just opening Explorer to view it may let it run.

Did this work before? No 

Chrome version: 58.0.3029.110  Channel: stable
OS Version: 10.0
Flash Version:
 
Mergedinto: 722524
Status: Duplicate (was: Unconfirmed)
Project Member

Comment 2 by sheriffbot@chromium.org, Aug 26 2017

Labels: -Restrict-View-SecurityTeam allpublic
This bug has been closed for more than 14 weeks. Removing security view restrictions.

For more details visit https://www.chromium.org/issue-tracking/autotriage - Your friendly Sheriffbot
