Google Chrome Zero-Day Afflicts Windows, Mac Users
Reading Time: 1 Minute
Google warns of a zero-day vulnerability in the V8 open-source engine that’s being actively exploited by attackers.
style=”display:block” data-ad-client=”ca-pub-6620833063853657″ data-ad-slot=”8337846400″ data-ad-format=”auto” data-full-width-responsive=”true”>
However, beyond classifying the flaw as a heap-buffer overflow, Google did not specify the potential impact of this vulnerability. In fact, details of the bug overall (including how it can be exploited) remain scant while Google works to push out the fixes.
“Access to bug details and links may be kept restricted until a majority of users are updated with a fix,” said Google. “We will also retain restrictions if the bug exists in a third-party library that other projects similarly depend on, but haven’t yet fixed.”
What is the V8 JavaScript Engine?
The heap-buffer overflow error exists in V8, an open-source WebAssembly and JavaScript engine developed by the Chromium Project for Google Chrome and Chromium web browsers. V8, which is written in C++, can run stand-alone, or can be embedded into any C++ application.
Bugs have previously been discovered (and exploited) in V8, including a flaw in November that was high-severity and tied to active exploits. That flaw was only described as an “inappropriate implementation in V8.”
Security Researchers: Targets for Chrome Zero-Day Exploits?
While Google didn’t provide further details of the attackers exploiting the flaw, researchers with Malwarebytes on Friday made a “general assumption” that the attack “was used against security researchers working on vulnerability research and development at different companies and organizations.”
See Also: Offensive Security Tool: JTR – John the Ripper
style=”display:block” data-ad-client=”ca-pub-6620833063853657″ data-ad-slot=”8337846400″ data-ad-format=”auto” data-full-width-responsive=”true”>
They pointed to the timing of when the vulnerability was reported to Google by Mattias Buelens (Jan. 24) and when a report released by Google’s Threat Analysis Group (Jan. 26). That report by Google researchers revealed that hackers linked to North Korea were targeting security researchers with an elaborate social-engineering campaign that set up trusted relationships with them — and then infected their organizations’ systems with custom backdoor malware.
“One of the methods the attackers used was to interact with the researchers and get them to follow a link on Twitter to a write-up hosted on a malicious website,” said researchers with Malwarebytes. “Shortly after the visit, a malicious service was installed on the researcher’s system and an in-memory backdoor would begin to communicate with a command and control (C&C) server. This sure sounds like something that could be accomplished using a heap buffer overflow in a browser.”
However, Google has not confirmed any correlation with this attack.
Google Chrome Browser: How to Update
Researchers urge Google Chrome users to update as soon as possible. Chrome will in many cases update to its newest version automatically, however security experts suggest that users double check that this has happened. To check if an update is available:
- Google Chrome users can go to chrome://settings/help by clicking Settings > About Chrome
- If an update is available Chrome will notify users and then start the download process
- Users can then relaunch the browser to complete the update
style=”display:block” data-ad-client=”ca-pub-6620833063853657″ data-ad-slot=”8337846400″ data-ad-format=”auto” data-full-width-responsive=”true”>
style=”display:block” data-ad-client=”ca-pub-6620833063853657″ data-ad-slot=”8337846400″ data-ad-format=”auto” data-full-width-responsive=”true”>
Source: www.zdnet.com
(Click Link)
Offensive Security & Ethical Hacking Course
Begin the learning curve of hacking now!
Information Security Solutions
Find out how Pentesting Services can help you.
