Google says Chrome on Windows combo zero-day exploited in the wild

By

Full details of Chrome bug not yet revealed.

Google is warning that two zero-day flaws are being actively exploited in attacks against its Chrome web browser running on Microsoft's Windows operating system, and advises users to update their installations as soon as possible.

Google says Chrome on Windows combo zero-day exploited in the wild

Chrome security lead Justin Schuh said the current chained exploits differ from past attacks as they target the web browser code directly, and not plugins.

This meant that unless users manually restart their browsers after updating them, they could still be vulnerable.

Full details of the Chrome CVE-2019-5786 flaw are still under wraps, but it involves a memory use after it's freed bug in the FileReader application programming interface. 

FileReader allows websites access to local files on computers, and a use-after-free vulnerability could allow attackers to execute arbitrary code on users machines.

The second part of attack chain comprises a local privilege escalation vulnerability in the Windows kernel driver (win32k.sys).

Clement Lecigne of Google's Threat Analysis Group said the vulnerability is a NULL pointer dereference in win32k!MNgetpItemFromIndex when the NtUserMNDragOver() system call is called under specific circumstances.

This can be used by malicious code to escape the security sandbox, but Google strongly believes the vulnerability is only exploitable on the older Windows 7.

To date, Google said it has only seen active exploitation of the flaw against Windows 7 32-bit.

Google has reported the vulnerability to Microsoft which is working on a fix.

To mitigate against the win32k.sys privilege escalation vulnerability, Google suggests users consider upgrading to Windows 10, and apply patches from Microsoft when they become available.

Got a news tip for our journalists? Share it with us anonymously here.
Copyright © iTnews.com.au . All rights reserved.
Tags:
chromegooglemicrosoftsecuritywindows

Sponsored Whitepapers

Modern Identity for SAP and Beyond: Replace SAP IDM with Saviynt
Modern Identity for SAP and Beyond: Replace SAP IDM with Saviynt
Saviynt Simplifies GRC and Access Control for SAP and Beyond
Saviynt Simplifies GRC and Access Control for SAP and Beyond
Futureproof Your Business with Datacom and AMD: Seamless Windows 11 Transition
Futureproof Your Business with Datacom and AMD: Seamless Windows 11 Transition
See everything. Do more.
See everything. Do more.
Lindentech Secures Digital Identity with Zero Trust and Microsoft Entra
Lindentech Secures Digital Identity with Zero Trust and Microsoft Entra

Events

Most Read Articles

Woolworths' CSO is Optus-bound

Woolworths' CSO is Optus-bound
Australia's super funds told to assess authentication controls

Australia's super funds told to assess authentication controls
Hackers abuse modified Salesforce app to steal data, extort companies

Hackers abuse modified Salesforce app to steal data, extort companies
The Northern Beaches Women's Shelter hones focus on tech-enabled abuse

The Northern Beaches Women's Shelter hones focus on tech-enabled abuse
techpartner.news logo
Dave Stevens on Brennan's evolution and the need for Aussie tech unity
Dave Stevens on Brennan's evolution and the need for Aussie tech unity
Sydney's ITKnocks on contact centre AI and the slow death of the IVR
Sydney's ITKnocks on contact centre AI and the slow death of the IVR
"It's an exciting time to be part of the health and aged care sector"
"It's an exciting time to be part of the health and aged care sector"
Insicon founder Matt Miller on the coming 'tsunami' of compliance and educating boards about cyber security
Insicon founder Matt Miller on the coming 'tsunami' of compliance and educating boards about cyber security
Orro claims Australia first with managed digital asset discovery service
Orro claims Australia first with managed digital asset discovery service

Log In

  |  Forgot your password?