New clickjacking flaw hits Chrome and Firefox

Researchers have discovered a flaw that exposes Google's Chrome web browser to clickjacking. Clickjacking is a relatively new attack vector in which a legitimate link is substituted without the user's awareness. Clicking a photo that appears to be hosted on Flickr, for example, could actually direct the user to a malicious site set up as a drive-by-download server. The severity of the problem becomes compounded when trusted sites are hacked into and surreptitiously modified.

Google is working on a fix. In the meantime, though a spokesperson pointed out that clickjacking is a problem that can affect all browsers. Indeed Firefox 3.0.5 appears to suffer from this same flaw; however, the first release candidate of Microsoft's Internet Explorer 8 and Opera are not affected.

For more on this story:
- check out this article at ZDNet

Related Articles:
Google Chrome releases 1.0; no longer in beta
Microsoft launches first release candidate of IE8