Security Affairs
Update Now: Critical Zimbra Classic Web Client Flaw Could Expose Mailboxes|Ransomware Never Stopped: Over 9,000 Confirmed Attacks Since 2018|222 GitHub Repositories Linked to Fake Go Package Malware Operation|Former Ransomware Negotiator Sentenced to 70 Months in Prison for Secretly Helping BlackCat Gang|GigaWiper Merges Three Malware Families Into One Destructive Backdoor|INTERPOL Operation First Light Nets 5,811 Arrests and Seizes $293 Million|GodDamn Ransomware Uses PoisonX to Blind Security Software|AssuranceAmerica Breach Exposes 7 Million Driver’s Licenses After Employee Account Hack|Microsoft fixed Defender flaw RoguePlanet (CVE-2026-50656)|Fake VPN and 7-Zip Apps Turn Victims Into Residential Proxy Nodes|Ubiquiti Patches Critical UniFi OS Flaws Allowing Command Injection and Privilege Escalation|A Hacker Claims 35 GB of Accenture Source Code. The Company discloses the data breach|Update Now: Critical Zimbra Classic Web Client Flaw Could Expose Mailboxes|Ransomware Never Stopped: Over 9,000 Confirmed Attacks Since 2018|222 GitHub Repositories Linked to Fake Go Package Malware Operation|Former Ransomware Negotiator Sentenced to 70 Months in Prison for Secretly Helping BlackCat Gang|GigaWiper Merges Three Malware Families Into One Destructive Backdoor|INTERPOL Operation First Light Nets 5,811 Arrests and Seizes $293 Million|GodDamn Ransomware Uses PoisonX to Blind Security Software|AssuranceAmerica Breach Exposes 7 Million Driver’s Licenses After Employee Account Hack|Microsoft fixed Defender flaw RoguePlanet (CVE-2026-50656)|Fake VPN and 7-Zip Apps Turn Victims Into Residential Proxy Nodes|Ubiquiti Patches Critical UniFi OS Flaws Allowing Command Injection and Privilege Escalation|A Hacker Claims 35 GB of Accenture Source Code. The Company discloses the data breach|
Advertisement

Ad Placeholder

Full Width × 90

Breaking News

Comodo Chromodo Secure Internet Browser exposes you at risks

Security Expert discovered that the Comodo Chromodo browser has ‘Same Origin Policy’ (SOP) disabled by default, if you are using it you are at risk. Chromodo is the name of a free browser offered by the Comodo Antivirus firm, it is a customized version of Google’s Chrome browser developed to improve users’ security and privacy. Unfortunately this […]

Comodo Chromodo Secure Internet Browser exposes you at risks

Security Expert discovered that the Comodo Chromodo browser has ‘Same Origin Policy’ (SOP) disabled by default, if you are using it you are at risk.

Chromodo is the name of a free browser offered by the Comodo Antivirus firm, it is a customized version of Google’s Chrome browser developed to improve users’ security and privacy. Unfortunately this is not true, the Chromodo browser which is based on the Chromium open-source code is in fact affected by a serious security issue.

Tavis Ormandy, a security expert from Google, analyzed the Chromodo browser discovering a serious flaw that exposes users’ security. The flaw is related to the Same Origin Policy, a fundamental in the web application security model implemented to protect users’ browsing experience.

” The policy permits scripts running on pages originating from the same site – a combination of scheme, hostname, and port number – to access each other’s DOM with no specific restrictions, but prevents access to DOM on different sites.” reads Wikipedia.

Not implementing the Same Origin Policy, a code that runs on one website should be allowed to execute on another website with serious repercussions on the security perspective.

If you are using Chromodo, you must be aware that the browser has the same origin policy disabled.

“When you install Comodo Internet Security, by default a new browser called Chromodo is installed and set as the default browser. Chromodo is described as “highest levels of speed, security and privacy”, but actually disables all web security.” Ormandy wrote in a security advisory.

“Let me repeat that, they ***disable the same origin policy***…. ?!?.. To reproduce, do something like this:

<html>
<head></head>
<body>
<script>
function steal_cookie(obj)
{
    // Wait for the page to load
    setTimeout(function() {
        obj.postMessage(JSON.stringify({
            command: "execCode",
            code:    "alert(document.cookie)",
        }), "*");
    }, 2000);
}
</script>
<a href="javascript:steal_cookie(window.open('https://ssl.comodo.com/'))">Click Here</a>
</body>
</html>

With Same Origin Policy disabled an attacker can use a malicious script to perform a number of activities including taking over social media accounts and act on behalf of the victim.

Chromodo comodo Browser

Ormandy reported the issue Jan. 21 and, on Tuesday he revealed that Comodo tried to patch the issue in the Chromodo browser, in particular against an exploit he developed, but the fix doesn’t work.

Let’s wait for a definitive fix from the company.

Pierluigi Paganini

(Security Affairs –Chromodo, Same Origin Policy,)