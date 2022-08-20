



Below is the update on August 20th.This post was originally published on August 18th

If you’re a Chrome browser user on Windows, Mac, or Linux flavors, we have bad news from Google. An attacker has already exploited a high-impact security vulnerability that could allow them to control system resources or execute arbitrary code. This is the fifth zero-day Google has had to deal with in his 2022.

In an advisory posted on August 16, Srinivas Sista of the Google Chrome team confirmed that the latest Chrome update fixed a total of 11 security vulnerabilities ranging from moderate to critical impact. Of which he is one, he is a zero-day with CVE-2022-2856 in question. “Google is aware that an exploit for CVE-2022-2856 does exist,” Sista said.

Details about the zero-day vulnerability will not be released until the majority of users have confirmed that the update is installed and enabled.

However, Google confirms that CVE-2022-2856 was reported by hackers Ashley Shen and Christian Resell within the Google Threat Analysis Group on July 19th. ”

This is clear as mud for most users.

All I can add for clarity at this point is that the “intent” mentioned is how Chrome handles user input. Again, we can’t confirm the exact technical details of CVE-2022-2856, but crafting malicious input that prevents Chrome from validating it can lead to arbitrary code execution.

What are the steps required to secure Google Chrome?

What I can say with complete confidence is that you should make sure your browser is updated to the latest Chrome version as soon as possible. For Mac and Linux users this will be Chrome 104.0.5112.101, but for Windows users it will be either 104.0.5112.101 or 104.0.5112.102.

Chrome should update automatically, but it’s a good idea to force an update check to be safe. To protect your browser from this zero-day and other publicly disclosed threats, you need to take one extra step.

Restart your Chrome browser to enable Google security updates

in the browser menu[Google Chrome について]Navigating to an entry forces a check to see if there are any updates available. After downloading and installing that update, the restart button will be available. Restarting the browser puts the update into effect and protects him from Google Chrome zero-day for the fifth time this year.

Other browsers based on the Chromium engine are likely to be affected by the same vulnerability, so expect updates to browsers like Brave, Edge, and Opera to follow in time.

August 20 update:

CISA Adds Chrome Zero-Day to Known Exploited Vulnerability Catalog

Almost all mainstream media coverage, not just technical publications, has been about the recently patched Apple iOS and macOS zero-days, but Google Chrome’s zero-days aren’t suddenly irrelevant. The fact that the US Cybersecurity & Infrastructure Security Agency (CISA) has added his CVE-2022-2856 to their “catalog of known exploited vulnerabilities” is proof of that. CISA strongly recommends applying available patches as soon as possible for this list of vulnerabilities known to be exploited by real-world threat actors. Not to mention that two of his vulnerabilities for Apple (CVE-2022-32893 and CVE-2022-32894) are also included in this latest of his CISA catalog updates.

Browser security goes beyond vulnerability issues

But security-conscious Google Chrome users need to be aware of more than just vulnerabilities and zero-day vulnerabilities. Earlier in August, I reported that a cybercriminal group called SharpTongue was said to have ties to another group, Kimsuky. The group reports that CISA is likely to be “imposed on a global intelligence-gathering mission by the North Korean regime.” Collect credentials to spy on Gmail messages. The SHARPEXT attack was even able to read emails of users who implemented two-factor authentication. This is managed by capturing an authentication cookie known as a man-in-the-middle (AiTM) attack.

SHARPEXT malware intrudes through rogue browser extensions that are “more than just a vulnerability”. Not just Chrome, the campaign is reportedly targeting Edge (which is also based on his Chromium engine) and a lesser-known Western client called Whale, which is believed to be used in South Korea. It turns out. A new Kaspersky study reveals a whole host of browser extension security issues. This is not limited to his Chromium-based browsers.

Kaspersky Investigation Reveals Scope of Problem with Malicious Browser Extensions

According to Kaspersky research, in the first six months of 2022 alone, approximately 1,311,557 users attempted to download malicious or unwanted extensions. Dear readers, this is his 70% increase in similarly affected numbers over his entire 2021 year. Delivering unwanted ads was the most common target of these browser extensions, but that’s not the only one. Extensions containing malware payloads are the second most common. In fact, between January 2020 and his June 2022, about 2.6 million individual users were attacked by such malicious extensions, he said, Kaspersky researchers.

Make sure your Chromium-based browser is up to date and patched

And finally, in the original Chrome update article, I mentioned that other browsers will eventually issue updates as well. These all seem to be in order. See the image below to see the latest version numbers for Brave, Edge, and Opera.

Make sure your Brave browser is updated to version 104.0.5112.102 or higher

Make sure your Edge browser is updated to version 104.0.1293.63 or later.

Make sure your Opera browser is updated to version 90.0.4480.48 or higher

