Major Chinese browser ‘Maxthon’ has a bug that allows anyone admin access

Major Chinese browser ‘Maxthon’ has a bug that allows anyone admin access

5 years ago
Anonymous $xdcOWPpsb_

https://thenextweb.com/security/2019/10/23/major-chinese-browser-maxthon-has-a-bug-that-allows-anyone-admin-access/

One of China’s most popular browsers, Maxthon, has a bug in its Windows version that can allow a hacker to take admin control and install malware.  A report by security firm SafeBreach notes it reported the vulnerability in September.

The anomaly lets a hacker install a program into a service that is run by the “NT AUTHORITYSYSTEM,” – the admin account. When browser‘s service, a program essential to run the browser, MxService, running with admin privileges starts, it searches for a non-existent file called program.exe before it moves to other executables to fire up the actual browser app.