UC Browser Potential Man-in-the-Middle Vulnerability Threat Alert
abril 2, 2019
Overview
Recently, a foreign researcher discovered a potential vulnerability in the UC browser which may affect hundreds of millions of users around the world. A hidden feature is found in the UC browser to download auxiliary software modules for execution by bypassing some restrictions of an application store. This feature is used to add new functions or install updates to the client, but can also be exploited for man-in-the-middle (MITM) attacks. For example, when a user uses the UC browser to download a PDF file and attempts to open it, an attacker, via an MITM attack, could enable the browser to download a malicious file and finally execute it. (mais…)