Discovered by DefenseCode security researcher Bosko Stankovic (via ZDNet), the flaw works through a clever trick in the way Chrome and Windows both treat Windows Explorer Shell Command File (SCF) files, which are used as a Show Desktop icon shortcut. The end result is that the SCF file can be used to obtain a users LAN Manager (NTLMv2) password hash.
Benjamin King
More like stop using windows
James Carter
>on Windows PCs. Stop using Windows.
Bentley Campbell
>Windows PCs
Ethan Stewart
Does it work on opera as well? If so we have a problem. If not who cares.
Xavier Robinson
> to steal credentials on Windows PCs.
Ian Long
works on any browser on windows that automatically downloads scf files.
Noah Nelson
>Windows PCs
Oliver Hall
this. Just use Ubuntu+Gnu masterrace
Jace Ward
>That file name > my actual sides and lungs hurt
Robert Martinez
>trusting Google software
Justin Young
"malicious actors" fuck Jared Leto is going to fuck us all
Samuel Fisher
>Ubuntu
Brandon Morales
So why doesn't this browser have master password support like literally any reasonable browser would?