A new report from cyber-security firm, SafeBreach, claims to have found a critical vulnerability in Maxthon, a popular web-browser based on the WebKit and Trident browser engines. According to the report, the Windows version of Maxthon 5 has a vulnerability (CVE-2019-16647) that could potentially allow hackers to take admin control and surreptitiously install malware on the system.
In a blog post on Wednesday, the researchers said they reported the vulnerability to Maxthon developers on September 3rd, following which, the company confirmed the findings and shared a timeline for a new version deployment. As per the report, the bug could be exploited by an attacker to achieve “privilege escalation, persistence and in some cases defense evasion”. The vulnerability also gives attackers the ability to persistently execute malicious payloads by signed services each time the service is loaded.
According to the post, “This ability might be abused by an attacker for different purposes such as execution and evasion, for example: Application Whitelisting Bypass”. Versions 5.1.0 thru 5.2.7 are affected by the bug, so if you’re using one of those builds, you’d do well to update to a different browser, if only until the company rolls out a fix.
In case you don’t know it already, Maxthon is a popular cloud-based web-browser created by developers based out of Beijing, China. According to the company’s website, it is the default browser for 670 million users, although the exact number of users on Windows remain unspecified. Alongside Windows, it is also available on Android, Mac, iOS and Linux, but those versions are not affected by the issue.