Google has just confirmed the second clutch of security updates for the Chrome browser in July. Version 103.0.5060.134 for all Windows, Mac, and Linux users will become available in the coming days. While this update will roll out automatically, users who don’t restart their browser regularly are advised to check manually and force the security patch activation.
July 22 Update below. This post was originally published on July 20
As I reported earlier in the month, a zero-day Chrome vulnerability was confirmed by Google as being actively exploited by attackers. That vulnerability was CVE-2022-2294 and very little detail was released about it for obvious reasons. Now that there has been plenty of time for users to apply the fix, in the form of the first Google Chrome security update for July, that detail has started to emerge courtesy of the threat researchers at Avast who discovered it. In a newly published report, the researchers reveal how the vulnerability was used by attackers targeting users in the Middle East, in particular journalists in Lebanon.
The Avast researchers say that they can “confidently attribute it to a secretive spyware vendor” which they name as Candiru. A year ago, almost to the day, Citizen Lab research claimed that Candiru was “a mercenary spyware firm that markets ‘untraceable’ spyware to government customers. Their product offering includes solutions for spying on computers, mobile devices, and cloud accounts.” Avast says Candiru had laid low following the publication of this research but, in March 2022, researchers had seen it come back with tools targeting Avast users, once again in Lebanon as well as Palestine, Turkey, and Yemen. Those tools used a zero-day for Google Chrome.
Avast reports how the zero-day was designed to target Chrome users on the Windows platform, because it used a WebRTC bug it also impacted Microsoft Edge and even Apple Safari. All versions of Chrome have since been patched.
This, if you really needed reminding, is a good reason to ensure you don’t hang around installing these security updates for Chrome. With billions of users spread across multiple platforms, it is a very profitable target for malicious actors. As stated…