This article was published on October 23, 2019

Major Chinese browser ‘Maxthon’ has a bug that allows anyone admin access


Major Chinese browser ‘Maxthon’ has a bug that allows anyone admin access

One of China’s most popular browsers, Maxthon, has a bug in its Windows version that can allow a hacker to take admin control and install malware.  A report by security firm SafeBreach notes it reported the vulnerability in September.

The anomaly lets a hacker install a program into a service that is run by the “NT AUTHORITYSYSTEM,” – the admin account. When browser’s service, a program essential to run the browser, MxService, running with admin privileges starts, it searches for a non-existent file called program.exe before it moves to other executables to fire up the actual browser app.

Using this bug, a hacker can place a dummy executable with that name, and the browser would think it’s harmless. The research team said the cause of the exploit is in the install package.

Through this vulnerability, an attacker can gain admin privileges, install malicious code, and bypass windows security to run apps that might not get execution permission otherwise.

SafeBreach said Maxthon for Windows version 5.1.0 to 5.2.7 are affected. Maxthon’s website claims its browser is used by more than 670 million people, but it hasn’t specified any number for its Windows users.

The 💜 of EU tech

The latest rumblings from the EU tech scene, a story from our wise ol' founder Boris, and some questionable AI art. It's free, every week, in your inbox. Sign up now!

The browser hasn’t specified any date for a patch, so you should avoid using it at the moment.

Get the TNW newsletter

Get the most important tech news in your inbox each week.

Also tagged with