Google discloses vulnerability in Chrome OS 'built-in security key' feature

    Date12 Sep 2019
    468
    Posted ByBrittany Day

    Are you a Chromebook user? If so, make sure you have updated to Chrome OS 75 or later to receive a fix for a vulnerability in a "built-in security key" feature. Learn more:

    Google is urging Chromebook users to update devices to fix a critical vulnerability in an experimental Chrome OS feature that handles two-factor authentication procedures. 

    The vulnerability impacts the Chrome OS feature known as the "built-in security key." The feature works by allowing users to use a Chromebook device similar to a hardware-based USB/NFC/Bluetooth security key. 

    The feature can be used when registering or logging into a website. Users can press the Chromebook power button, which will send a cryptographic token to the website, similar to how a classic hardware key would normally work. The difference is that the user is using his Chromebook as proof of ownership and identity, instead of a small USB, NFC, or Bluetooth-based key.

    LinuxSecurity Poll

    What do you think of the articles on LinuxSecurity?

    No answer selected. Please try again.
    Please select either existing option or enter your own, however not both.
    Please select minimum 0 answer(s) and maximum 3 answer(s).
    /main-polls/24-what-do-you-think-of-the-quality-of-the-articles-on-linuxsecurity?task=poll.vote&format=json
    24
    radio
    [{"id":"87","title":"Excellent, don't change a thing!","votes":"13","type":"x","order":"1","pct":56.52,"resources":[]},{"id":"88","title":"Should be more technical","votes":"3","type":"x","order":"2","pct":13.04,"resources":[]},{"id":"89","title":"Should include more HOWTOs","votes":"7","type":"x","order":"3","pct":30.43,"resources":[]}]["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"]["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"]350
    bottom200

    We use cookies to provide and improve our services. By using our site, you consent to our Cookie Policy.