Wednesday, July 8, 2020
Home Lead Story Google Chrome Web Browser Has Been Spotted with an Exploited Vulnerability

Google Chrome Web Browser Has Been Spotted with an Exploited Vulnerability

Certain similarities in the code point to a possible link between this campaign and Lazarus attacks

A new exploited vulnerability in Google Chrome web browser called “CVE-2019-13720”, which is a zero-day vulnerability, has been spotted by Russian cyber security firm Kaspersky. The firm has reported it Google and a patch has been released.

Zero-day vulnerabilities are essentially previously unknown software bugs that can be exploited by attackers to inflict serious and unexpected damage.

The detected exploit was used in what the cyber security firm calls ‘Operation WizardOpium’.

Certain similarities in the code point to a possible link between this campaign and Lazarus attacks.

“The finding of a new Google Chrome zero-day in the wild once again demonstrates that it is only collaboration between the security community and software developers, as well as constant investment in exploit prevention technologies, that can keep us safe from sudden and hidden strikes by threat actors,” Anton Ivanov, Security Expert at Kaspersky, said in a statement.

The new exploit is used in attacks that leverage a waterhole-style injection in a Korean-language news portal.

Google Chrome
A new exploited vulnerability in Google Chrome web browser called “CVE-2019-13720”, which is a zero-day vulnerability, has been spotted by Russian cyber security firm Kaspersky. Pixabay

A malicious JavaScript code is inserted in the main page, which in turn, loads a profiling script from a remote site to further check if the victim’s system could be infected by examining versions of the browser’s user credentials.

The vulnerability tries to exploit the bug through the Google Chrome browser and the script checks if version 65 or later is being used.

ALSO READ: 300 Teams in the Field in Delhi to Fight Air Pollution

The exploit gives an attacker a Use-After-Free (UaF) condition, which is very dangerous because it can lead to code execution scenarios. (IANS)

STAY CONNECTED

18,992FansLike
362FollowersFollow
1,781FollowersFollow

Most Popular

Here’s How you can Manage Flu at Home

The monsoon has begun, and while it brings relief from summer heat it also brings perils of humidity. With the rain showers comes the...

Top Selection Criteria for a Voltage Stabilizer

In our power grids, voltage fluctuation is a common phenomenon. But it also is a concerning one as it can harm sensitive electrical appliances...

Dalai Lama Turns 85, Tibetans Dedicate Year 2020 to him

In the wake of the coronavirus outbreak, the Central Tibetan Administration (CTA), also known as Tibetan government-in-exile, on Monday announced to dedicate this year...

Here’s What to Expect When You Catch a Flight from the Airport

Hustling sounds, frequent announcements, savvy travelers glued to their gadgets, emotional families waiting to receive or see-off their loved ones-- it's perhaps the opening...

A Must have Adventure Bucket List

The worldwide lockdown due to coronavirus has brought a screeching halt to every industry, including the travel and hospitality. With restrictions on international travel...

Picture Perfect Living Room Decor Ideas

A cosy and comfortable sofa set, a coffee table for tete-a-tete and a perfect TV unit to keep the entertainment mode on, all these...

‘Covid’ Now the most Searched Word of 2020

The term 'Covid' - the commonly used shorthand for Covid-19 or Coronavirus disease caused by the SARS CoV-2 virus - is the top word...

Beauty of Indian Culture: William Dalrymple on his Experience Living in India

India is one of the most religiously and ethnically diverse nations with the oldest culture in the World. The Indian culture varies like its...

Recent Comments