Google confirms Chrome Zero-Day #5 as attacks begin, update now

Spread the love

August 20 update below. This post was originally published on August 18.

If you are a user of the Chrome browser, whether it is a Windows, Mac or Linux version, Google has bad news for you. Attackers are already exploiting a high-impact security vulnerability that could lead to them gaining control of a system resource or executing arbitrary code. This is the fifth zero day that Google has had to deal with in 2022 so far.

MORE FROM FORBESNew smartphone threat brings ransomware to Android and targets Gmail cookies

What is Google Chrome CVE-2022-2856 Zero Day?

In an advisory published on August 16, Srinivas Sista of the Google Chrome team confirms that a total of eleven security vulnerabilities, ranging from medium to critical impact, have been fixed in the latest Chrome update. One of them, CVE-2022-2856, is the zero day in question. “Google is aware that an exploit exists for CVE-2022-2856,” Sista said.

Not many details about the zero-day vulnerability are made public until most users have had time to make sure the update is installed and activated.

However, Google confirms that CVE-2022-2856 was reported by Google Threat Analysis Group hackers Ashley Shen and Christian Resell on July 19. It is, according to the advisory, “insufficient validation of unreliable input on Intents”. ”

Which will be as clear as mud for most users.

MORE FROM FORBESCisco Hacked: Ransomware Gang Claims It Has 2.8GB Of Data

All I can add, at this point, in an attempt to clarify, is that the ‘intents’ mentioned are how Chrome processes user input. It is possible, though again I cannot confirm the precise technical details of CVE-2022-2856, that by creating malicious input that prevents Chrome from validating it, it could lead to arbitrary code execution.

What steps should you take to secure Google Chrome?

What I can say with complete confidence is that you should check that your browser has been updated to the latest version of Chrome as soon as possible. For Mac and Linux users, it will be Chrome 104.0.5112.101, while for Windows users, it could be 104.0.5112.101 or 104.0.5112.102, just for some additional unwanted confusion.

While Chrome should update automatically, it is recommended that you force check for updates to be safe. You also need to take an extra step before your browser is protected from this zero-day threat and other revealed threats.

Go to the About Google Chrome entry in the browser menu, which will force a check for any available updates. Once that update has been downloaded and installed, a reset button will be available. After restarting the browser, the update will kick in and protect you from Google Chrome’s fifth zero day of the year.

MORE FROM FORBESMicrosoft confirms high-impact attacks on Windows 10, 11 and servers: update now

As other browsers that are based on the Chromium engine will likely be affected by the same vulnerabilities, expect updates to Brave, Edge, and Opera in due course.

August 20 update:

CISA Adds Chrome Zero-Day to Catalog of Known Exploited Vulnerabilities

Although nearly all of the mainstream media coverage, not just tech publications, has focused on the recently patched Apple iOS and macOS zero-daysThat doesn’t mean that Google Chrome suddenly stops being important. The fact that the US Cybersecurity and Infrastructure Security Agency (CISA) has added CVE-2022-2856 to the ‘Catalog of Known Exploited Vulnerabilities’ is proof of this. This list of vulnerabilities known to be exploited by real-world threat actors comes with a strong recommendation from CISA to apply available patches as soon as possible. Needless to say, but I’ll do it anyway, the two Apple vulnerabilities (CVE-2022-32893 and CVE-2022-32894) are also included in this latest CISA catalog update.

Browser security extends beyond the problem of vulnerabilities

However, it’s not just vulnerabilities, or even zero-day vulnerabilities, that the security-conscious Google Chrome user needs to be aware of. Earlier in August, I reported how a cybercrime group called SharpTongue, claiming connections to another group, Kimsuky, was reported by CISA as likely “tasked on a global intelligence-gathering mission by the North Korean regime.” avoiding the need to collect credentials to spy on Gmail messages. The SHARPEXT attack was even able to read emails from users who had implemented two-factor authentication. It manages this by taking authentication cookies in what is known as an adversary-in-the-middle (AiTM) attack.

SHARPEXT malware comes through, and here’s the point ‘not just vulnerabilities’, a rogue browser extension. In addition to Chrome, the campaign was found to be targeting Edge (based on the same Chromium engine) and a client little known in the West called Whale, which appears to be used in South Korea. New Kaspersky research has shed light on the entire browser extension security issueand it’s not just limited to Chromium-based browsers.

Kaspersky research reveals scope of malicious browser extension problem

According to Kaspersky research, in the first six months of 2022 alone, some 1,311,557 users tried to download malicious or unwanted extensions. That, dear reader, is a 70% increase in the number similarly affected throughout 2021. While adware delivery was the most common goal of these browser extensions, that’s not the whole story: Extensions with a malware payload were the second most common. In fact, between January 2020 and June 2022, Kaspersky researchers claim that some 2.6 million individual users were attacked by such malicious extensions.

Check that your Chromium-based browser is up to date and patched

And finally, I mentioned in the original Chrome update article that other browsers would release updates in due course. These appear to be in place now. Check out the images below for the latest version numbers for Brave, Edge, and Opera.

#Google #confirms #Chrome #ZeroDay #attacks #update

Leave a Comment

Your email address will not be published.