Chrome users want to cry: due to a material defect into hacker ATM-IT information
According to foreign media reports, cybercriminals are very good at zero lag in using software vulnerabilities , they do not require developers to leave them out for a long time, but If the developers without fixing the defects in the software for a long time, they are welcome. Google is therefore welcomed by the cyber criminals.
On the security front, Google's track record is very good, but this time it is "let slip". A security flaw to be found as early as 2014, is still Windows technical support the cheat is used to stir up trouble.
The past few years cyber criminals a way to blackmail the user is, to users to misrepresent their PC infected with a malicious, require users to pay a fee to help them to remove the malicious . Their "gimmicks", leads users to believe that they provide a service, but in fact they are just defrauding money from users.
The success rate of these cheats are surprisingly high. Microsoft's survey showed that some one-fifth users would have got.
Why not Google moves to amend the flawed? Because it is not considered a defect. It will only cause Chrome not responding or a user's browsing history information disappears, but will not be used as an attack vector. Now users are deceived, Google should be taken seriously.
Recently, Google and Microsoft are due to a defect in Windows there is controversy. Google discovered the flaw and notified to the Microsoft. According to its policy, Google will give Microsoft 10 days to fix defects. Microsoft did not within the 10-day bug, Google made public details of a defect.
In the majority of the world's desktops and laptops running Windows operating system, for its development , and testing and Deploying a patch for 10 days, don't have much time. Microsoft must ensure that a one-off bug properly. Google and Microsoft are clear, only in the case of Flash plugin still has some defects, the flaw could be used by hackers to stir up trouble, but Adobe has released a patch.
Chrome用户想哭:因重大缺陷成黑客取款机 - IT资讯
据外媒报道,网络犯罪分子非常擅长利用软件中的零时差漏洞,他们不需要开发者给他们留出很长时间,不过,如果开发者长时间不修正软件中的缺陷,他们还是欢迎的。谷歌就因此受到网络犯罪分子的欢迎。
在安全方面,谷歌过去的记录很出色,但这次却是“马失前蹄”。一个早在2014年就被发现的安全缺陷,仍然被Windows技术支持骗子用来兴风作浪。
过去数年网络犯罪分子勒索用户的一种方式是,向用户谎报他们的PC感染有恶意件,要求用户支付一笔费用,帮助他们清除恶意件。他们通过“耍花招”,让用户相信他们提供了服务,但实际上他们只是骗取用户的钱财而已。
这些骗子的成功率惊人地高。微软的调查显示,约五分之一的用户会中招。
谷歌缘何没有出手修正该缺陷呢?因为它不被认为是一个缺陷。它只是会造成Chrome不反应或用户的浏览历史信息消失,但不会被用作一个攻击途径。现在出现用户被骗的情况,谷歌应当会认真对待了。
最近,谷歌和微软因Windows中一处缺陷发生纷争。谷歌发现了该缺陷,而且通报给微软。根据其政策,谷歌会给微软10天时间修正缺陷。微软没有能在10天内修正缺陷,谷歌向公众公布了缺陷详情。
对于在全球绝大多数台式机和笔记本上运行的Windows操作系统来说,要为它开发、测试和部署一款补丁软件,10天时间不够充裕。微软必须确保一次性妥善地修正缺陷。谷歌和微软清楚,只有在Flash插件也存在缺陷的情况下,该缺陷才可能被黑客用来兴风作浪,而Adobe已经发布了一款补丁软件。