Table of Contents
1. Overview
2. Vulnerability details
4. Temporary solution
Home Operation and Maintenance Safety How to analyze Google Chrome remote code execution 0Day vulnerability notification

How to analyze Google Chrome remote code execution 0Day vulnerability notification

May 16, 2023 pm 12:37 PM
google chrome 0day

1. Overview

On April 13, 2021, Antiy CERT discovered that foreign security researchers released a PoC of a remote code execution 0Day vulnerability in the Google Chrome browser, which attackers can exploit The vulnerability constructs a specially crafted page. Users' access to this page will cause remote code execution. The vulnerability affects the latest official version of Chrome (89.0.4389.114) and all earlier versions. Antiy CERT followed up and found out that due to the high usage rate of Google Chrome browser in China, this vulnerability has the risk of being exploited by malicious code and spread widely, and the threat level is high. At the same time, Antiy CERT testing found that some other domestic browsers using the Google Chrome kernel are also affected. Currently, browsers such as Microsoft Edge already run in the sandbox mode by default. Antiy CERT tested that this vulnerability cannot penetrate Chrome's sandbox mode if used alone, but it does not mean that this is not a serious problem. vulnerability, because in actual attacks, multiple vulnerabilities may be used in combination. If this vulnerability is used in combination with other vulnerabilities that penetrate the sandbox, it may pose a great security threat.

Since Chrome-based browsers are widely used in China, including 360 Secure Browser, Aoyou Browser, Sogou Browser, Speed ​​Browser, etc., it is recommended that relevant manufacturers quickly carry out verification and investigation. We have urgently reported it to the relevant national departments and recommended that customers adopt temporary solutions as soon as possible to avoid being affected by this vulnerability.

2. Vulnerability details

Anty CERT found that foreign security researchers released PoC details about the Google Chrome remote code execution 0Day vulnerability[1]. Google Chrome is a free web browser developed by Google. This vulnerability affects the latest official version of Chrome (89.0.4389.114) and all earlier versions. An attacker can construct a special web page and induce the victim to access it, thereby achieving remote code execution.

如何分析Google Chrome远程代码执行0Day漏洞通报

Figure 2-1 Screenshot of PoC verification by foreign security researchers

Anty CERT followed up and reproduced this vulnerability. The screenshots are as follows:

如何分析Google Chrome远程代码执行0Day漏洞通报

Figure 2-2 Antiy CERT verification screenshot for PoC

Antiy CERT test found part of the use Other browsers using the Google Chrome kernel are also affected by this vulnerability, but browsers using the Chrome kernel are not affected by this vulnerability if they use sandbox mode.

如何分析Google Chrome远程代码执行0Day漏洞通报

Figure 2-3 A browser test chart

3. Version range affected by the vulnerability

This vulnerability mainly affects versions: 89.0.4389.114 and below versions

4. Temporary solution

● It is recommended that users avoid opening web pages from unknown sources Links and avoid clicking on email attachments from unknown sources;

● It is recommended that users run the Google Chrome browser in a virtual machine;

● Continue to pay attention to the updates on the Google Chrome official website and complete the update in a timely manner.

The results of vulnerability reproduction under the existing default policies of relevant browsers indicate: The continuous enhancement of the security mechanisms of the operating system and the application itself can have a certain effect in attack mitigation. But at the same time, it is still very necessary to keep version updates and patch upgrades at any time. The effective combination of the system's own security policy settings, version and patch updates, and the main defense mechanism of third-party host security software are all very necessary fulcrums for host system security.

The above is the detailed content of How to analyze Google Chrome remote code execution 0Day vulnerability notification. For more information, please follow other related articles on the PHP Chinese website!

Statement of this Website
The content of this article is voluntarily contributed by netizens, and the copyright belongs to the original author. This site does not assume corresponding legal responsibility. If you find any content suspected of plagiarism or infringement, please contact admin@php.cn

Hot AI Tools

Undresser.AI Undress

Undresser.AI Undress

AI-powered app for creating realistic nude photos

AI Clothes Remover

AI Clothes Remover

Online AI tool for removing clothes from photos.

Undress AI Tool

Undress AI Tool

Undress images for free

Clothoff.io

Clothoff.io

AI clothes remover

AI Hentai Generator

AI Hentai Generator

Generate AI Hentai for free.

Hot Article

R.E.P.O. Energy Crystals Explained and What They Do (Yellow Crystal)
2 weeks ago By 尊渡假赌尊渡假赌尊渡假赌
Hello Kitty Island Adventure: How To Get Giant Seeds
1 months ago By 尊渡假赌尊渡假赌尊渡假赌
Two Point Museum: All Exhibits And Where To Find Them
1 months ago By 尊渡假赌尊渡假赌尊渡假赌

Hot Tools

Notepad++7.3.1

Notepad++7.3.1

Easy-to-use and free code editor

SublimeText3 Chinese version

SublimeText3 Chinese version

Chinese version, very easy to use

Zend Studio 13.0.1

Zend Studio 13.0.1

Powerful PHP integrated development environment

Dreamweaver CS6

Dreamweaver CS6

Visual web development tools

SublimeText3 Mac version

SublimeText3 Mac version

God-level code editing software (SublimeText3)

How to change the display language in Google Chrome on Windows PC How to change the display language in Google Chrome on Windows PC Apr 25, 2023 pm 11:28 PM

Have you ever noticed that when browsing the Internet, some web pages are in various languages ​​that you cannot understand due to unfamiliarity? At this point, Google Chrome must ask the user if they wish to translate the web page into English or another language that the user understands. However, some users complained that Google Chrome does not translate any pages. So we designed a way to add a display language and allow Chrome to translate most web pages into the user's preferred language. If you're looking for a way to change your display language while allowing Chrome to translate your web pages, this article will show you how. How to Change Google Chrome Display Language Let’s see how to change it by following some simple steps given below

How to enable or disable smooth scrolling for websites in Google Chrome How to enable or disable smooth scrolling for websites in Google Chrome Apr 14, 2023 am 09:58 AM

Google Chrome is one of the most used browsers globally because of the performance it offers compared to other browsers. However, it uses a lot of system resources and sometimes lags when scrolling web pages. To improve your browsing experience, Chrome provides the option to customize the browser. However, these additional features and tweaks provided by Chrome are not available to users by default. These experimental features in Chrome are hidden and can be accessed through the Chrome flag. Smooth scrolling is one such experimental feature in Chrome that can be enabled or disabled via a Chrome flag. This feature allows you to scroll and navigate page content smoothly. If you are browsing the Internet and find that pages scroll slowly or

Analysis of the latest 0day vulnerability examples of Buhtrap hacker group Analysis of the latest 0day vulnerability examples of Buhtrap hacker group Jun 02, 2023 pm 09:05 PM

The Buhtrap group has long been known for its targeting of Russian financial institutions and businesses. During our tracking, the group's main backdoors, as well as other tools, were discovered and analyzed. Since the end of 2015, the organization has become a cybercriminal organization with financial interests, and its malware has appeared in Eastern Europe and Central Asia for espionage operations. In June 2019, we first discovered that Buhtrap used 0day attacks. At the same time, we found that Buhtrap used the local privilege escalation vulnerability CVE-2019-1132 during the attack. The local privilege escalation vulnerability in Microsoft Windows exploits an issue caused by NULL pointer dereference in the win32k.sys component. Should

How to analyze Google Chrome remote code execution 0Day vulnerability notification How to analyze Google Chrome remote code execution 0Day vulnerability notification May 16, 2023 pm 12:37 PM

1. Overview On April 13, 2021, Antiy CERT discovered that foreign security researchers released a PoC of a remote code execution 0Day vulnerability in the Google Chrome browser. Attackers can use the vulnerability to construct a specially crafted page, and users accessing the page will cause remote code execution. The vulnerability affects the latest official version of Chrome (89.0.4389.114) and all earlier versions. Antiy CERT followed up and found out that due to the high usage rate of Google Chrome browser in China, this vulnerability has the risk of being exploited by malicious code and spread widely, and the threat level is high. At the same time, Antiy's CERT test found that some other domestic browsers using the Google Chrome kernel are also affected. Currently as

Hack an assassin's phone in 40 minutes Hack an assassin's phone in 40 minutes Jul 20, 2024 pm 06:11 PM

According to people familiar with the matter, Cellebrite, an Israeli mobile device forensics company, provided the FBI with an evaluation version of a mobile phone cracking program that has not yet been released and is still undergoing internal testing. The FBI used it to unlock the special device in less than 40 minutes. The cellphone of Trump assassin Thomas Matthew Crooks. Agents from the FBI's Pittsburgh office initially used a commercially available Cellebrite tool to unlock Crooks' phone, but were unsuccessful. So the phone was sent to the FBI's Quantico headquarters that day. After headquarters personnel contacted key account support, Cellebrite provided an unreleased unlocking tool, allowing investigators to unlock the phone at 40

How to open Google Chrome without extensions in Windows 11/10 How to open Google Chrome without extensions in Windows 11/10 Apr 14, 2023 pm 05:46 PM

<p>Google Chrome is the most used browser in the world and it comes with powerful features that make it the best among other browsers. It has a feature called extensions which has its own advantages and disadvantages. But sometimes, when you unknowingly install extensions from certain third-party providers, it can actually cause problems that can break your browser and other software. Therefore, it is better to disable extensions in Google Chrome when needed. If you also want to open google chrome without extensions, then this article will help you know how to do it. </p><h2>If

Example analysis of Google Chrome 85 fixing WebGL code execution vulnerability Example analysis of Google Chrome 85 fixing WebGL code execution vulnerability May 17, 2023 pm 02:07 PM

Google has fixed a use-after-free vulnerability in the WebGL (WebGraphicsLibrary) component of the Google Chrome web browser. By successfully exploiting this vulnerability, an attacker can execute arbitrary code in the context of the browser's process. WebGL is a JavaScript API that compliant browsers use to render interactive 2D and 3D graphics without the use of plug-ins. GoogleChrome85.0.4149.0 has fixed this code execution vulnerability. High-risk code execution vulnerability The code execution vulnerability discovered by CiscoTalos senior research engineer Marcin Towalski is numbered CVE-2020-649

How to fix ERR_ICANN_NAME_COLLISION in Google Chrome How to fix ERR_ICANN_NAME_COLLISION in Google Chrome Apr 14, 2023 am 11:28 AM

<p>Many users prefer using Google Chrome due to its advanced features and ease of use, however, the browser may sometimes return an error when you try to access a website or after updating the browser. One such error is the " <strong>ERR_ICANN_NAME_COLLISION</strong> " error. This error will prevent you from accessing any website through Chrome and return the above error. You may also encounter this when trying to use localhost .dev on Chrome

See all articles