Security analyst Aidan Woods found a small vulnerability in the identification page of Google accounts. It does not affect our privacy, but permits you to modify the URL to make us unload any file at the time you press the button Next to identification.
Oddly enough, after being notified vulnerability from Google he was told Woods that after analyzing it had decided not to solve it. This means that you can continue to build, so worth to know how it works and how to avoid it not to end up downloading any unwanted malware.
A simple vulnerability, but dangerous
The problem is that Google can enter the parameter “continue = [link]” in the URL of the page ID, which is the one that tells the web page to which redirect us once we introduce our credentials. To help avoid problems, Google only lets you enter in the address parameter using the domain google.com.
But as we see in the video posted by Woods, if you stayed a file in Google Drive and share, the URL is generated we have the domain “drive.google.com” so that it can link the parameter to make we unload. With this, an attacker could upload malware to your Google Drive and then give us a URL linking it to make it go down.
What dangers can assume this vulnerability? Well, for example , it could be used emails and phishing sites that offer us a publishing service and letting us know that it will be necessary to identify with the Google page. If that makes us go down some programs with a suggestive or related name with a promised service, many users could end up biting unwary.
To avoid therefore there are two simple steps, but that though applicable to many vulnerabilities not everyone gives. The first is not to install any software you download without our permission, although as we have seen we could fool to do so. The second is to always check the URL before identifying anywhere. No matter on which we believe have a flat tire, it costs nothing to confirm in the navigation bar.