{"id":14801,"date":"2019-03-08T12:10:08","date_gmt":"2019-03-08T20:10:08","guid":{"rendered":"http:\/\/www.palada.net\/index.php\/2019\/03\/08\/news-8550\/"},"modified":"2019-03-08T12:10:08","modified_gmt":"2019-03-08T20:10:08","slug":"news-8550","status":"publish","type":"post","link":"http:\/\/www.palada.net\/index.php\/2019\/03\/08\/news-8550\/","title":{"rendered":"Google Chrome zero-day: Now is the time to update and restart your browser"},"content":{"rendered":"<p><strong>Credit to Author: Malwarebytes Labs| Date: Fri, 08 Mar 2019 19:13:15 +0000<\/strong><\/p>\n<p>It&#8217;s not often that we hear about a critical vulnerability in Google Chrome, and perhaps it&#8217;s even more rare when Google&#8217;s own engineers are urging users to patch.<\/p>\n<p>There are several good reasons why you need to take this new Chrome zero-day (<a href=\"https:\/\/chromereleases.googleblog.com\/2019\/03\/stable-channel-update-for-desktop.html\" target=\"_blank\" rel=\"noopener\">CVE-2019-5786<\/a>) seriously. For starters, we are talking about a full exploitation that escapes the sandbox and leads to remote code execution. This in itself is not an easy feat, and is usually observed only sporadically, perhaps <a href=\"https:\/\/www.computerworld.com\/article\/3186686\/google-patches-chrome-bug-from-fizzled-pwn2own-hack.html\" target=\"_blank\" rel=\"noopener\">during a Pwn2Own competition.<\/a>\u00a0But this time, Google is saying that this vulnerability is actively being used in the wild.<\/p>\n<p>According to <a href=\"https:\/\/twitter.com\/_clem1\" target=\"_blank\" rel=\"noopener\">Cl\u00e9ment Lecigne<\/a>, the person from Google&#8217;s Threat Analysis Group who discovered the attack, there is <a href=\"https:\/\/security.googleblog.com\/2019\/03\/disclosing-vulnerabilities-to-protect.html?m=1\" target=\"_blank\" rel=\"noopener\">another zero-day<\/a> that exists in Microsoft Windows (yet to be patched), suggesting the two could be chained up for even greater damage.<\/p>\n<p>If you are running Google Chrome and its version is below 72.0.3626.121, your computer could be exploited without your knowledge. While it&#8217;s true that Chrome features an automatic update component, in order for the patch to be installed you must restart your browser.<\/p>\n<p>This may not seem like a big deal but it is. Another Google engineer explains why this matters a lot, in comparison to past exploits:<\/p>\n<blockquote class=\"twitter-tweet\" data-width=\"550\" data-dnt=\"true\">\n<p lang=\"en\" dir=\"ltr\">This newest exploit is different, in that initial chain targeted Chrome code directly, and thus required the user to have restarted the browser after the update was downloaded. For most users the update download is automatic, but restart is a usually a manual action. [3\/3]<\/p>\n<p>&mdash; Justin Schuh <img decoding=\"async\" src=\"https:\/\/s.w.org\/images\/core\/emoji\/11\/72x72\/1f5d1.png\" alt=\"\ud83d\uddd1\" class=\"wp-smiley\" style=\"height: 1em; max-height: 1em;\" \/> (@justinschuh) <a href=\"https:\/\/twitter.com\/justinschuh\/status\/1103763266445037568?ref_src=twsrc%5Etfw\">March 7, 2019<\/a><\/p>\n<\/blockquote>\n<p><script async src=\"https:\/\/platform.twitter.com\/widgets.js\" charset=\"utf-8\"><\/script><\/p>\n<p>Considering how many users keep Chrome and all their tabs opened for days or even weeks without ever restarting the browser, the security impact is real.<\/p>\n<p>Some might see a bit of irony with this latest zero-day considering Google\u2019s move to\u00a0<a href=\"https:\/\/blog.chromium.org\/2017\/11\/reducing-chrome-crashes-caused-by-third.html\" target=\"_blank\" rel=\"noopener\">ban third-party software injections<\/a>. Many security programs, including Malwarebytes, need to hook into processes, such as the browser and common Office applications, in order to detect and block exploits from happening. However, we cannot say for sure whether or not this could prevent the vulnerability from being exploited, since few details have been shared yet.<\/p>\n<p>In the meantime, if you haven&#8217;t done so yet, you should <a href=\"https:\/\/support.google.com\/chrome\/answer\/95414?co=GENIE.Platform%3DDesktop\" target=\"_blank\" rel=\"noopener\">update and relaunch Chrome;<\/a>\u00a0and don&#8217;t worry about your tabs, they will come right back.<\/p>\n<p>The post <a rel=\"nofollow\" href=\"https:\/\/blog.malwarebytes.com\/cybercrime\/exploits\/2019\/03\/google-chrome-zero-day-now-is-the-time-to-update-and-restart-your-browser\/\">Google Chrome zero-day: Now is the time to update and restart your browser<\/a> appeared first on <a rel=\"nofollow\" href=\"https:\/\/blog.malwarebytes.com\">Malwarebytes Labs<\/a>.<\/p>\n<p><a href=\"https:\/\/blog.malwarebytes.com\/cybercrime\/exploits\/2019\/03\/google-chrome-zero-day-now-is-the-time-to-update-and-restart-your-browser\/\" target=\"bwo\" >https:\/\/blog.malwarebytes.com\/feed\/<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p><strong>Credit to Author: Malwarebytes Labs| Date: Fri, 08 Mar 2019 19:13:15 +0000<\/strong><\/p>\n<table cellpadding='10'>\n<tr>\n<td valign='top' align='center'><a href='https:\/\/blog.malwarebytes.com\/cybercrime\/exploits\/2019\/03\/google-chrome-zero-day-now-is-the-time-to-update-and-restart-your-browser\/' title='Google Chrome zero-day: Now is the time to update and restart your browser'><img src='https:\/\/blog.malwarebytes.com\/wp-content\/uploads\/2019\/03\/shutterstock_1197263077.jpg' border='0'  width='300px'  \/><\/a><\/td>\n<\/tr>\n<tr>\n<td valign='top' align='left'>A particularly dangerous Google Chrome zero-day is already being used in real-world attacks. Despite Google&#8217;s auto update feature, users will need to close and restart their browser in order to be protected. <\/p>\n<p>Categories: <\/p>\n<ul class=\"post-categories\">\n<li><a href=\"https:\/\/blog.malwarebytes.com\/category\/cybercrime\/exploits\/\" rel=\"category tag\">Exploits<\/a><\/li>\n<\/ul>\n<p>Tags: <a href=\"https:\/\/blog.malwarebytes.com\/tag\/0day\/\" rel=\"tag\">0day<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/chrome\/\" rel=\"tag\">chrome<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/exploit\/\" rel=\"tag\">exploit<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/exploits\/\" rel=\"tag\">exploits<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/google\/\" rel=\"tag\">Google<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/vulnerability\/\" rel=\"tag\">vulnerability<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/zero-day\/\" rel=\"tag\">zero day<\/a><\/p>\n<table width='100%'>\n<tr>\n<td align=right>\n<p><b>(<a href='https:\/\/blog.malwarebytes.com\/cybercrime\/exploits\/2019\/03\/google-chrome-zero-day-now-is-the-time-to-update-and-restart-your-browser\/' title='Google Chrome zero-day: Now is the time to update and restart your browser'>Read more&#8230;<\/a>)<\/b><\/p>\n<\/td>\n<\/tr>\n<\/table>\n<\/td>\n<\/tr>\n<\/table>\n<p>The post <a rel=\"nofollow\" href=\"https:\/\/blog.malwarebytes.com\/cybercrime\/exploits\/2019\/03\/google-chrome-zero-day-now-is-the-time-to-update-and-restart-your-browser\/\">Google Chrome zero-day: Now is the time to update and restart your browser<\/a> appeared first on <a rel=\"nofollow\" href=\"https:\/\/blog.malwarebytes.com\">Malwarebytes Labs<\/a>.<\/p>\n","protected":false},"author":4,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"colormag_page_container_layout":"default_layout","colormag_page_sidebar_layout":"default_layout","footnotes":""},"categories":[10488,10378],"tags":[14741,10699,11638,10987,1670,10467,11524],"class_list":["post-14801","post","type-post","status-publish","format-standard","hentry","category-malwarebytes","category-security","tag-0day","tag-chrome","tag-exploit","tag-exploits","tag-google","tag-vulnerability","tag-zero-day"],"_links":{"self":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts\/14801","targetHints":{"allow":["GET"]}}],"collection":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/users\/4"}],"replies":[{"embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/comments?post=14801"}],"version-history":[{"count":0,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts\/14801\/revisions"}],"wp:attachment":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/media?parent=14801"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/categories?post=14801"},{"taxonomy":"post_tag","embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/tags?post=14801"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}