New Chrome extension Vulnerability


#1

What’s this? Like, the fourth in recent times? Getting a bit slack, Apple.


#2

Sounds more like a Chrome vulnerability. Looks like Chrome is running a VNC server on the logged in user, and that VNC session would be maintained. Not convinced this is a Mac vulnerability.


#3

Not only that, but it’s a Chrome extension that doesn’t come by default with the app.

Filing this one under “FUD”.


#4

If it’s happening just because of an extension then how isn’t that a Mac vulnerability? It’s bypassing the Mac login protections.


#5

Thanks for posting that article. I’ve uninstalled chrome remote desktop for the time being just as a precaution.