Urgent: Update Google Chrome Now to Fix 2 New Actively Exploited Zero-Day Vulnerabilities

On October 1, 2021, Google released critical security updates for its Chrome browser, addressing two newly discovered vulnerabilities currently being exploited. These mark the fourth and fifth zero-day flaws resolved this month. The vulnerabilities, identified as CVE-2021-37975 and CVE-2021-37976, relate to a use-after-free issue in the V8 JavaScript and WebAssembly engine, as well as an information leak in the core. As is standard practice, Google has withheld specific details about the attacks to ensure that users can quickly install the necessary updates. However, the company confirmed that “exploits for CVE-2021-37975 and CVE-2021-37976 exist in the wild.” CVE-2021-37975 was reported by an anonymous researcher, while CVE-2021-37976 was identified by Clément Lecigne from Google’s Threat Analysis Group.

Update Your Google Chrome Browser Immediately to Address Two New Actively Exploited Zero-Day Vulnerabilities

On October 1, 2021, Google announced the release of critical security updates for its Chrome web browser, responding to two newly identified vulnerabilities that are presently being exploited by malicious actors. These vulnerabilities mark the fourth and fifth zero-days that the company has addressed in just this month, underscoring the increasing urgency for robust cybersecurity measures.

The vulnerabilities, cataloged as CVE-2021-37975 and CVE-2021-37976, focus primarily on a use-after-free flaw within the V8 JavaScript and WebAssembly engine, as well as an information leak present in the browser’s core functionalities. Google has typically opted to maintain a level of confidentiality regarding the methods used in actual attacks. This approach aims to ensure that users can promptly implement the necessary security updates without further exposing themselves to risks. Nonetheless, Google has acknowledged that exploits for these vulnerabilities are indeed circulating in the wild.

CVE-2021-37975 was reported by an unnamed researcher, highlighting the important role of community vigilance in maintaining cybersecurity. In contrast, the identification of CVE-2021-37976 can be attributed to Clément Lecigne from Google’s Threat Analysis Group, a clear demonstration of internal capabilities in threat detection and response.

These vulnerabilities present significant risks, particularly for organizations that rely on Chrome for business operations. An attack exploiting these weaknesses could lead to unauthorized access to sensitive information or even allow attackers to execute arbitrary code within the browser. Given the potential severity of these attacks, business owners must prioritize timely software updates to mitigate the risks of exploitation.

In analyzing the potential adversary tactics associated with these vulnerabilities, we can reference the MITRE ATT&CK framework. Initial access tactics may be relevant as attackers could have leveraged social engineering or other methodologies to introduce malicious payloads. Privilege escalation could follow as attackers seek to gain greater control over compromised systems to further their malicious objectives. It is also within the realm of possibility that persistence tactics were utilized, allowing adversaries to maintain access to affected systems post-exploitation.

As the landscape of cybersecurity continues to evolve, vulnerabilities like these highlight the ongoing need for vigilance and proactive measures. Business owners must not only ensure their software is up to date but also foster a culture of cybersecurity awareness throughout their organizations. Such steps are essential in defending against increasingly sophisticated cyber threats.

Source link

Related Posts

Code Execution Vulnerability Discovered in Yamale Python Package, Impacting Over 200 Projects

On October 7, 2021, a serious code injection vulnerability was identified in Yamale, a schema and validator for YAML files developed by 23andMe. This flaw could be easily exploited by attackers to execute arbitrary Python code. Designated as CVE-2021-38305 with a CVSS score of 7.8, the vulnerability arises from the improper handling of the schema file input, enabling circumvention of security measures.

The issue lies within the schema parsing function, which inadequately evaluates and executes all inputs, allowing maliciously crafted strings to execute system commands. Yamale is widely utilized by developers for validating YAML, a data serialization language commonly used in configuration files, with at least 224 repositories on GitHub relying on this package. This vulnerability presents a significant risk for any projects that utilize input schema files, enabling potential Python code injection for those with access.

Major Vulnerability in OpenSea Could Have Allowed Hackers to Steal Cryptocurrency from User Wallets

Oct 13, 2021

A recently patched critical vulnerability in OpenSea, the leading marketplace for non-fungible tokens (NFTs), had the potential to be exploited by hackers to siphon cryptocurrency from victims by sending specially-crafted tokens. This revelation comes from cybersecurity firm Check Point Research, which launched an investigation following reports of cryptocurrency theft linked to free airdropped NFTs. The issues were resolved within an hour of responsible disclosure on September 26, 2021. “If left unaddressed, these vulnerabilities could have permitted hackers to seize user accounts and drain entire cryptocurrency wallets by crafting malicious NFTs,” stated researchers from Check Point. NFTs, as unique digital assets, include items like photos, videos, and audio, traded on the blockchain, which serves as a certificate of authenticity.

New ‘Trojan Source’ Technique Allows Hackers to Conceal Vulnerabilities in Source Code

November 1, 2021

A groundbreaking class of vulnerabilities has emerged, enabling threat actors to inject misleading malware that technically adheres to coding logic while distorting its intended functionality. Known as “Trojan Source attacks,” this method exploits nuances in text-encoding standards like Unicode, allowing the arrangement of source code tokens to differ from their displayed order. This results in vulnerabilities that evade detection by human reviewers, according to researchers Nicholas Boucher and Ross Anderson from Cambridge University, who outlined the findings in a recent paper. These vulnerabilities, identified as CVE-2021-42574 and CVE-2021-42694, impact compilers across numerous widely-used programming languages, including C, C++, C#, JavaScript, Java, Rust, Go, and Python. Compilers are essential tools that convert high-level human-readable code into executable machine code.

Google Alerts on Active Exploitation of New Android Zero-Day Vulnerability

November 3, 2021

Google has released its latest monthly security updates for Android, addressing 39 vulnerabilities, including a zero-day exploit that is currently being targeted in limited attacks. Identified as CVE-2021-1048, this zero-day flaw is characterized as a use-after-free vulnerability in the kernel, which could allow local privilege escalation. Use-after-free vulnerabilities pose significant risks, enabling attackers to access or reference memory that has already been freed. This could lead to a “write-what-where” scenario, allowing arbitrary code execution and potential control over a victim’s device. “There are indications that CVE-2021-1048 may be under limited, targeted exploitation,” Google stated in its November advisory, while withholding specific technical details about the exploit, the nature of the attacks, and the identities of any potential perpetrators. The security patch also addresses two critical vulnerabilities among the other fixes.