Critical Chrome Update Released to Fix Actively Exploited Zero-Day Flaw

On September 25, 2021, Google issued an urgent security patch for its Chrome web browser to address a vulnerability that is currently being exploited. Identified as CVE-2021-37973, the issue is categorized as a “use after free” flaw within the Portals API, a system that facilitates seamless navigation between web pages. Clément Lecigne from Google’s Threat Analysis Group reported the vulnerability. While detailed information about the flaw has not been shared to protect users, Google confirmed that an exploit for CVE-2021-37973 is known to be in use. This update comes shortly after Apple patched a related exploit affecting older versions of iOS and macOS (CVE-2021-30869).

Urgent Chrome Update Released to Address Actively Exploited Zero-Day Vulnerability

On September 25, 2021, Google released an urgent security update for its Chrome web browser to rectify a critical flaw that has been actively exploited in the wild. Identified as CVE-2021-37973, this vulnerability is categorized as a “use after free” issue within the Portals API. This API is designed to facilitate smooth transitions between web pages by allowing one page to display another as an inset, creating what appears to be a coherent browsing experience.

Clément Lecigne from the Google Threat Analysis Group (TAG) reported the vulnerability, which is especially concerning given its live exploitation status. While the specific technical details related to CVE-2021-37973 are not fully disclosed, this precaution aims to ensure that users can swiftly apply the necessary patch before further exploitation occurs. Google has confirmed awareness of active exploits targeting this weakness, emphasizing the urgency of the update.

This announcement comes on the heels of a similar critical update from Apple, which addressed an actively exploited vulnerability in older versions of iOS and macOS (CVE-2021-30869). These incidents underline a growing trend in cybersecurity whereby vulnerabilities in popular software platforms are increasingly targeted by malicious actors.

Business owners and IT professionals must recognize the potential impact of such vulnerabilities. The active exploitation of these flaws could allow attackers to gain unauthorized access to sensitive data or systems. In this instance, the techniques implied may include initial access methods through drive-by downloads or phishing campaigns that leverage the vulnerable platforms.

Furthermore, persistence tactics could be employed by malicious actors to maintain access even after initial detection and remediation efforts by users or security teams. Privilege escalation might also be a goal, permitting attackers to obtain higher permissions within the compromised systems, thereby amplifying the severity of the breach.

As the landscape of cyber threats continues to evolve, the importance of keeping software up to date cannot be overstated. Companies are urged to prioritize patch management, specifically regarding critical security updates like these. Failure to respond promptly to such advisories could expose organizations to significant risks, including data breaches and operational disruptions.

In light of these developments, it is crucial for business leaders to not only implement timely updates but also engage in comprehensive security training for their employees. Understanding the methods attackers may use can aid organizations in building more robust defenses against emerging threats.

Source link

Related Posts

Urgent: Update Google Chrome Now to Fix 2 New Actively Exploited Zero-Day Vulnerabilities

On October 1, 2021, Google released critical security updates for its Chrome browser, addressing two newly discovered vulnerabilities currently being exploited. These mark the fourth and fifth zero-day flaws resolved this month. The vulnerabilities, identified as CVE-2021-37975 and CVE-2021-37976, relate to a use-after-free issue in the V8 JavaScript and WebAssembly engine, as well as an information leak in the core. As is standard practice, Google has withheld specific details about the attacks to ensure that users can quickly install the necessary updates. However, the company confirmed that “exploits for CVE-2021-37975 and CVE-2021-37976 exist in the wild.” CVE-2021-37975 was reported by an anonymous researcher, while CVE-2021-37976 was identified by Clément Lecigne from Google’s Threat Analysis Group.

Code Execution Vulnerability Discovered in Yamale Python Package, Impacting Over 200 Projects

On October 7, 2021, a serious code injection vulnerability was identified in Yamale, a schema and validator for YAML files developed by 23andMe. This flaw could be easily exploited by attackers to execute arbitrary Python code. Designated as CVE-2021-38305 with a CVSS score of 7.8, the vulnerability arises from the improper handling of the schema file input, enabling circumvention of security measures.

The issue lies within the schema parsing function, which inadequately evaluates and executes all inputs, allowing maliciously crafted strings to execute system commands. Yamale is widely utilized by developers for validating YAML, a data serialization language commonly used in configuration files, with at least 224 repositories on GitHub relying on this package. This vulnerability presents a significant risk for any projects that utilize input schema files, enabling potential Python code injection for those with access.

Major Vulnerability in OpenSea Could Have Allowed Hackers to Steal Cryptocurrency from User Wallets

Oct 13, 2021

A recently patched critical vulnerability in OpenSea, the leading marketplace for non-fungible tokens (NFTs), had the potential to be exploited by hackers to siphon cryptocurrency from victims by sending specially-crafted tokens. This revelation comes from cybersecurity firm Check Point Research, which launched an investigation following reports of cryptocurrency theft linked to free airdropped NFTs. The issues were resolved within an hour of responsible disclosure on September 26, 2021. “If left unaddressed, these vulnerabilities could have permitted hackers to seize user accounts and drain entire cryptocurrency wallets by crafting malicious NFTs,” stated researchers from Check Point. NFTs, as unique digital assets, include items like photos, videos, and audio, traded on the blockchain, which serves as a certificate of authenticity.

New ‘Trojan Source’ Technique Allows Hackers to Conceal Vulnerabilities in Source Code

November 1, 2021

A groundbreaking class of vulnerabilities has emerged, enabling threat actors to inject misleading malware that technically adheres to coding logic while distorting its intended functionality. Known as “Trojan Source attacks,” this method exploits nuances in text-encoding standards like Unicode, allowing the arrangement of source code tokens to differ from their displayed order. This results in vulnerabilities that evade detection by human reviewers, according to researchers Nicholas Boucher and Ross Anderson from Cambridge University, who outlined the findings in a recent paper. These vulnerabilities, identified as CVE-2021-42574 and CVE-2021-42694, impact compilers across numerous widely-used programming languages, including C, C++, C#, JavaScript, Java, Rust, Go, and Python. Compilers are essential tools that convert high-level human-readable code into executable machine code.