Homeland Security (CISA) Confirms Attacks Underway

/in


Homeland Security cybersecurity agency says update Google Chrome as attackers home in on new security flaws.

Within the space of just three short weeks, Google has patched no less than five potentially dangerous vulnerabilities in the Chrome web browser.

These are not your common vulnerabilities either, but rather ones known as zero-days. A zero-day being a vulnerability that is being actively exploited by attackers while remaining unknown to the vendor or threat intelligence outfits.

Once the vendor becomes aware of the security flaw, day zero, it can start to mitigate against exploitation but not before. The attackers, therefore, have a head start.

What do we know about these zero-day Chrome flaws?

The latest two zero-days to be discovered are classed as high-severity in nature and affect Chrome for Windows, Mac and Linux.

The precise details of CVE-2020-16013 and CVE-2020-16017 have not yet been made public as Google restricts access to such information until the majority of users have updated.

However, the Department of Homeland Security cybersecurity agency, CISA, has advised that an attacker “could exploit one of these vulnerabilities to take control of an affected system.”

I can confirm that CVE-2020-16013 relates to the V8 JavaScript engine for Chrome and involves an incorrectly handled security check. Exploitation would most likely require an attacker to direct the victim to a malicious web page.

CVE-2020-16017, on the other hand, would appear to be a memory corruption vulnerability within the Chrome website sandboxing feature known as Site Isolation.

CISA urges users to update Google Chrome in light of ongoing attacks

The bad news is that attackers already know precisely what the vulnerabilities are and how to exploit them. CISA has confirmed that the security vulnerabilities have been “detected in exploits in the wild.”

Unsurprisingly, CISA is encouraging users to apply the necessary

Source…