Important: Update Your Chrome Browser to Fix New Zero-Day Vulnerability

Jul 16, 2021

Google has released a critical security update for the Chrome browser on Windows, Mac, and Linux, addressing several vulnerabilities, including a zero-day being actively exploited. This latest patch resolves eight issues, notably a type confusion vulnerability in the V8 open-source and JavaScript engine (CVE-2021-30563). An anonymous researcher reported this flaw on July 12.

In light of the ongoing threat, Google issued a brief statement confirming that “an exploit for CVE-2021-30563 exists in the wild,” but refrained from providing specific details about the vulnerability to prevent further misuse. This marks the ninth zero-day flaw addressed by Google this year, highlighting the ongoing risks to Chrome users.

Update Your Chrome Browser to Address Critical Zero-Day Vulnerability

On July 16, 2021, Google released an urgent security update for its Chrome browser, impacting users on Windows, Mac, and Linux systems. This update addresses multiple vulnerabilities, including a significant zero-day exploit that has reportedly been leveraged in real-world cyberattacks. According to Google, the patch resolves eight issues in total, with one notable concern related to a type confusion vulnerability within its V8 open-source and JavaScript engine, identified as CVE-2021-30563.

The discovery of this flaw has been credited to an anonymous researcher who reported it on July 12. In a brief statement, Google acknowledged the ongoing exploitation of CVE-2021-30563 but withheld detailed information about the vulnerability to mitigate the risk of further abuses stemming from its disclosure. Such practices are standard when dealing with exploitable vulnerabilities of this nature. This incident marks the ninth zero-day vulnerability that Google has addressed this year to protect Chrome users from active threats.

Cybersecurity experts emphasize the importance of promptly applying this update, particularly given the proactive exploitation of this vulnerability in the wild. Business owners should be aware that the risks associated with unpatched software can lead to unauthorized access, data breaches, and various forms of compromise. These risks have broad implications and can affect not only individual users but also organizational security and reputation.

From a technical perspective, the methodologies exploited in this attack could potentially align with various tactics outlined in the MITRE ATT&CK framework. Initial access may have been facilitated through phishing or other means that allow an adversary to execute malware on a victim’s system. Persistence techniques might be employed to maintain post-exploitation access, while privilege escalation tactics can enable unauthorized users to increase system control. Understanding these potential tactics is essential for business owners looking to enhance their cybersecurity posture.

As cyber threats continue to evolve, ensuring that software and security measures remain current is crucial for mitigating risks. Business owners are urged to verify that their systems are updated with the latest patches to guard against vulnerabilities such as CVE-2021-30563. By staying informed and proactive in response to these updates, organizations can better protect their infrastructure from the increasing tide of cyber risks.

Source link

Related Posts

Israeli Company Aided Governments in Targeting Journalists and Activists with Zero-Day Exploits and Spyware

Two recently patched zero-day vulnerabilities in Windows, addressed in Microsoft’s Patch Tuesday update, were reportedly exploited by the Israeli firm Candiru in a series of targeted attacks on over 100 journalists, academics, activists, and political dissidents worldwide. This spyware vendor has also been identified by Google’s Threat Analysis Group (TAG) as having exploited various zero-day vulnerabilities in the Chrome browser to compromise targets in Armenia, according to a report by the University of Toronto’s Citizen Lab. Citizen Lab researchers noted that “Candiru’s widespread presence and the use of its surveillance technology against global civil society highlight the significant risks posed by the mercenary spyware industry, which is rife with potential for abuse.”

China Enacts New Law Mandating Vendors to Report Zero-Day Vulnerabilities to Authorities

On July 17, 2021, the Cyberspace Administration of China (CAC) introduced stricter regulations regarding vulnerability disclosure. Under the new “Regulations on the Management of Network Product Security Vulnerability,” software and networking vendors are required to report critical flaws directly to government authorities within two days of identification. Set to take effect on September 1, 2021, these regulations aim to standardize the processes of discovering, reporting, and addressing security vulnerabilities while mitigating associated risks. Article 4 of the regulation prohibits any organization or individual from exploiting network security vulnerabilities for malicious activities and bans the illegal sale, collection, or publication of such information. The new rules also prevent the public disclosure of previously unknown security weaknesses.

Researcher Reveals Yet Another Unpatched Vulnerability in Windows Printer Spooler

Date: July 19, 2021

Just days after Microsoft raised alarms about an unpatched security flaw in the Windows Print Spooler service, yet another potential zero-day vulnerability has surfaced, marking the fourth printer-related issue identified in recent weeks. Will Dormann from the CERT Coordination Center noted in an advisory on Sunday that “Microsoft Windows allows non-admin users to install printer drivers through Point and Print.” He highlighted that printers installed this way can load arbitrary libraries by the privileged Windows Print Spooler process. Security researcher Benjamin Delpy, known for creating Mimikatz, has disclosed an exploit for this vulnerability. #printnightmare – Episode 4

Millions of HP, Samsung, and Xerox Printers Vulnerable Due to 16-Year-Old Security Flaw

July 20, 2021

A serious security vulnerability has come to light in a software driver used by HP, Xerox, and Samsung printers, lingering undetected since 2005. Assigned CVE-2021-3438 (CVSS score: 8.8), this issue involves a buffer overflow in the “SSPORT.SYS” print driver installer, which could allow for remote privilege escalation and arbitrary code execution. Hundreds of millions of printers worldwide may be affected, although there is currently no evidence of real-world exploitation. The vulnerability, first identified by SentinelLabs researchers on February 18, 2021, was disclosed in an advisory in May, noting its potential to elevate privileges in certain HP LaserJet and Samsung printer models. Fixes for the impacted devices were made available on May 19, 2021.