Chrome and Edge’s default download behavior makes it easy for cybercriminals to infect PCs with malcious DLLs

vbimport

#1

We’ve just posted the following news: Chrome and Edge’s default download behavior makes it easy for cybercriminals to infect PCs with malcious DLLs[newsimage]http://static.myce.com//images_posts/2015/10/myce-browser-dll-95x75.gif[/newsimage]

A security researcher has discovered that the automatic download feature of Google’s Chrome and Microsoft’s Edge browser provides cybercriminals the ability to make use of malicious DLL files that can hijack the installation of legitimate downloaded software. Google is working on a fix.

            Read the full article here: [http://www.myce.com/news/chrome-and-edges-default-download-behavior-makes-it-easy-for-cybercriminals-to-infect-pcs-with-malcious-dlls-77671/](http://www.myce.com/news/chrome-and-edges-default-download-behavior-makes-it-easy-for-cybercriminals-to-infect-pcs-with-malcious-dlls-77671/)

            Please note that the reactions from the complete site will be synched below.

#2

It also looks like this issue provides the ability to run the executable with administrator rights. As most applications require adminstrator rights to run, the DLL in turn would have admin access.

Then again some Malware lately does not require admin rights to do its damage, for example, the nasty ransomware Malware just needs standard user access to encrypt the user’s documents, unlike the stealthy rookits performs fraud clicking or joins the PC to a botnet.Â