Microsoft recently fixed crucial security flaws in its Edge internet browser after two cyber security researchers, Vansh Devgan from Uttar Pradesh and Shivam Kumar Singh from Jharkhand, reported them to the company. The duo found “vulnerable code” involving uXSS (Universal Cross-Site Scripting) in Microsoft’s Translator, which comes pre-installed in the Edge browser, and reported it under the Edge on Chromium Bounty Program. Microsoft paid out the highest reward of $20,000 (roughly Rs 15 lakh) to them.
While Shivam runs his own business and does part-time bug bounty hunting, Vansh has completed the third year of his B.Tech in Computer Science at Lovely Professional University and is a cyber security enthusiast.
The security vulnerability, tracked as CVE-2021-34506, has been fixed in the latest release of the Microsoft Edge Stable Channel (Version 91.0.864.59). The impact of the flaw was severe: if someone visited a website using the Microsoft Edge browser and hit the translate button to read the content in their preferred language, an attacker who had planted content on that page could inject arbitrary code to perform whatever they wanted.
It is highly recommended that you update Microsoft Edge browser to the latest version to stay safe.
“We created a profile on Facebook with name in different language and XSS payload and sent a friend request to victim (he is using Microsoft Edge); as soon as he checks our profile he got hacked (XSS popup because of auto translation),” explained Vansh Devgan, who runs CyberXplore Private Limited along with his friend Shivam Kumar Singh.
The prerequisites for running arbitrary code were simple: the victim had to use the Microsoft Edge browser and keep Auto Translate turned on. Explaining the payload, the CyberXplore team said in their blog post, “We have written a review on Google for a company HackENews with different language + XSS payload; any person browsing that review link got hacked (XSS popup because of auto translation).”
The duo claimed that they were even able to bypass YouTube and the Windows Store Application exploiting this vulnerability.
“Unlike the common XSS attacks, UXSS is a type of attack that exploits client-side vulnerabilities in the browser or browser extensions in order to generate an XSS condition, and execute malicious code. When such vulnerabilities are found and exploited, the behavior of the browser is affected and its security features may be bypassed or disabled,” they explained.