UC Browser Potential Man-in-the-Middle Vulnerability Threat Alert

UC Browser Potential Man-in-the-Middle Vulnerability Threat Alert

April 2, 2019 | Adeline Zhang

Overview

Recently, a foreign researcher discovered a potential vulnerability in the UC browser which may affect hundreds of millions of users around the world. A hidden feature is found in the UC browser to download auxiliary software modules for execution by bypassing some restrictions of an application store. This feature is used to add new functions or install updates to the client, but can also be exploited for man-in-the-middle (MITM) attacks. For example, when a user uses the UC browser to download a PDF file and attempts to open it, an attacker, via an MITM attack, could enable the browser to download a malicious file and finally execute it.

For details, please click the following link:

https://vms.drweb.com/search/?q=UC%20Browser

Affected Versions

  • Both mobile and desktop versions of the UC browser are affected.

Solution

By the time this report is released, no official update is available to fix this issue. Affected users are advised not to use this browser before this issue is addressed and should install an official update once it is available.

Reference link:

https://www.bleepingcomputer.com/news/security/uc-browser-for-android-desktop-exposes-500-million-users-to-mitm-attacks/

https://news.drweb.com/show/?i=13176&lng=en

Statement

This advisory is only used to describe a potential risk. NSFOCUS does not provide any commitment or promise on this advisory. NSFOCUS and the author will not bear any liability for any direct and/or indirect consequences and losses caused by transmitting and/or using this advisory. NSFOCUS reserves all the rights to modify and interpret this advisory. Please include this statement paragraph when reproducing or transferring this advisory. Do not modify this advisory, add/delete any information to/from it, or use this advisory for commercial purposes without permission from NSFOCUS.

About NSFOCUS

NSFOCUS IB is a wholly owned subsidiary of NSFOCUS, an enterprise application and network security provider, with operations in the Americas, Europe, the Middle East, Southeast Asia and Japan. NSFOCUS IB has a proven track record of combatting the increasingly complex cyber threat landscape through the construction and implementation of multi-layered defense systems. The company’s Intelligent Hybrid Security strategy utilizes both cloud and on-premises security platforms, built on a foundation of real-time global threat intelligence, to provide unified, multi-layer protection from advanced cyber threats.

For more information about NSFOCUS, please visit:

https://www.nsfocusglobal.com.

NSFOCUS, NSFOCUS IB, and NSFOCUS, INC. are trademarks or registered trademarks of NSFOCUS, Inc. All other names and trademarks are property of their respective firms.