Thursday, April 18, 2024

Vulnerability Spotlight: Use-after-free condition in Google Chrome could lead to code execution

Cisco Talos recently uncovered a vulnerability in Google Chrome that can be exploited.

Chrome is a cross-platform web browser, while Chromium is the open-source version of Chrome that other software developers use to create their own browsers. The vulnerability is in Blink, the DOM parsing and rendering engine at the core of Chromium.

The use-after-free vulnerability TALOS-2021-1352 (CVE-2021-30625) is triggered when a user visits a specially crafted web page in Chrome. That page could cause previously freed memory to be reused, potentially leading to the execution of arbitrary code. If this vulnerability is successfully exploited, an attacker could execute arbitrary code in the context of the browser. Depending on the privileges associated with the instance, an attacker could read, alter, or remove data.

In accordance with Cisco's vulnerability disclosure policy, Cisco Talos worked with Google to remedy the issue and make an update available to affected users.

Users are advised to update the following products as soon as possible: Google Chrome versions 92.0.4515.131 (Stable) and 94.0.4597.1 (Canary). According to Talos, these versions of Chrome could be exploited through this vulnerability.

Snort rules 58001 and 58002 will detect exploitation attempts against this vulnerability. Additional rules may be provided in the future, and existing rules may be modified based on new vulnerability information. Please consult your Firepower Management Center or Snort.org for the most up-to-date rule information.

THREAT INTELLIGENCE: According to Google, a bug has been discovered in the wild.

 

SYSTEMS AFFECTED: Google Chrome versions prior to 94.0.4606.61

RISK:

Large and medium-sized governmental organizations: HIGH

MEDIUM-SIZED GOVERNMENTAL ORGANIZATIONS

Large and medium-sized businesses: HIGH

MEDIUM-SIZED COMPANIES

TECHNICAL SUMMARY:

Google Chrome is an internet browser. A use-after-free vulnerability has been uncovered in Google Chrome that carries a high risk of arbitrary code execution. If this vulnerability is successfully exploited, an attacker could execute arbitrary code in the context of the browser. Depending on the privileges associated with the instance, an attacker could read, alter, or remove data.

RECOMMENDATIONS:

The following actions are suggested for better protection:

  • Apply the stable channel update provided by Google to vulnerable systems immediately after appropriate testing.
  • Run all software as a non-privileged user (one without administrative privileges); attacks are less likely to succeed fully when software runs without administrative rights.
  • Alert and educate users not to use hypertext links contained in emails or attachments from untrusted sources.
  • Have all users apply the Principle of Least Privilege.
  • Remind users not to visit untrusted websites or follow internet links from untrusted sources.
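To act on the first recommendation you need to know which hosts still run a build older than the 94.0.4606.61 threshold given under SYSTEMS AFFECTED. The following is an added example, not code from Talos, Google, or this article: it triages version strings from an inventory export, and the host names, the input format, and the extra version numbers are constructed assumptions.

```python
import re

# Threshold taken from the advisory: versions prior to this are affected.
FIXED_VERSION = (94, 0, 4606, 61)

# Matches a four-part Chrome version anywhere in a line of inventory output.
_VERSION_RE = re.compile(r"\b(\d+)\.(\d+)\.(\d+)\.(\d+)\b")


def parse_version(text):
    """Return the first four-part version in text as a tuple of ints, or None."""
    match = _VERSION_RE.search(text)
    return tuple(int(part) for part in match.groups()) if match else None


def is_affected(text, fixed=FIXED_VERSION):
    """True if older than the fixed build, False if not, None if unparseable."""
    version = parse_version(text)
    if version is None:
        return None
    # Tuple comparison is numeric per component, so build .100 sorts after
    # .61; a plain string comparison would get that wrong.
    return version < fixed


def triage(inventory):
    """Split (host, version_string) pairs into affected, ok and unknown hosts."""
    result = {"affected": [], "ok": [], "unknown": []}
    for host, raw in inventory:
        state = is_affected(raw)
        key = "unknown" if state is None else ("affected" if state else "ok")
        result[key].append(host)
    return result


# Constructed inventory with hypothetical host names. The first two versions
# are the ones the article says Talos confirmed; the rest are sample values.
SAMPLE_INVENTORY = [
    ("ws-01", "Google Chrome 92.0.4515.131"),
    ("ws-02", "Google Chrome 94.0.4597.1 canary"),
    ("ws-03", "Google Chrome 94.0.4606.61"),
    ("ws-04", "Google Chrome 94.0.4606.100"),
    ("ws-05", "version lookup failed"),
]

if __name__ == "__main__":
    for state, hosts in triage(SAMPLE_INVENTORY).items():
        print(f"{state}: {', '.join(hosts) or '-'}")
```

Hosts reported as unknown should be followed up rather than assumed patched, since a failed lookup says nothing about the installed build.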

 
