
Google Chrome / Windows Zeroday Exploit

Google researchers discovered a Windows exploit involving local system privileges being combined by attackers with a separate Google Chrome security flaw patched last Friday. While the Chrome exploit is inactive after Google rolled out a security update, Windows users running old versions are still at risk.

 

"The flaw, which resides in the Windows win32k.sys kernel driver, gives attackers a means to break out of security sandboxes that Chrome and most other browsers use to keep untrusted code from interacting with sensitive parts of an OS. Attackers combined an exploit for this vulnerability with an exploit for CVE-2019-5786, a use-after-free bug in Chrome’s FileReader component. The Windows vulnerability is a NULL pointer dereference in win32k!MNGetpItemFromIndex when the NtUserMNDragOver() system call is called under specific circumstances." - Ars Technica

 

While Google released a patch for Chrome a week ago, the update requires a browser restart to take effect, unlike the previous Chrome exploit involving the Adobe Flash plug-in, which did not require a restart. Clement Lecigne, a member of Google’s Threat Analysis Group, advises that all Windows users upgrade to version 10.

 

(source - https://arstechnica.com/information-technology/2019/03/attackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild/)


Chrome is sinking fast.


1 hour ago, domroderiguez said:

Google researchers discovered a Windows exploit involving local system privileges being combined by attackers with a separate Google Chrome security flaw patched last Friday. While the Chrome exploit is inactive after Google rolled out a security update, Windows users running old versions are still at risk.

 

"The flaw, which resides in the Windows win32k.sys kernel driver, gives attackers a means to break out of security sandboxes that Chrome and most other browsers use to keep untrusted code from interacting with sensitive parts of an OS. Attackers combined an exploit for this vulnerability with an exploit for CVE-2019-5786, a use-after-free bug in Chrome’s FileReader component. The Windows vulnerability is a NULL pointer dereference in win32k!MNGetpItemFromIndex when the NtUserMNDragOver() system call is called under specific circumstances." - Ars Technica

 

While Google released a patch for Chrome a week ago, the update requires a browser restart to take effect, unlike the previous Chrome exploit involving the Adobe Flash plug-in, which did not require a restart. Clement Lecigne, a member of Google’s Threat Analysis Group, advises that all Windows users upgrade to version 10.

 

(source - https://arstechnica.com/information-technology/2019/03/attackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild/)

Sorry, I didn't see that this story was already posted. I found the original post and it is linked below.

 

 


nice to see Google letting MS know ahead of time as usual before they let the public know 


2 hours ago, floofer said:

nice to see Google letting MS know ahead of time as usual before they let the public know 

Not sure if that's sarcasm since you in the other thread posted:

On 3/7/2019 at 2:49 AM, floofer said:

Major exploits in other software and operating systems is ok however, by google, to blab out to everyone.

but yes, Google did in fact reach out to Microsoft before making any of this public.

 

Google always gives at least 90 days' notice before going public with information about vulnerabilities. As far as I know, they have never made a vulnerability public until after having waited 90 days.


Quote

“To date, we have only observed active exploitation against Windows 7 32-bit systems.”

 

In other words: 99% of Win7 users have nothing to worry about.

There's no need for the alarmist "quick, get Windows 10 or you'll be haxxored !!!!1!" advice. Win7 64-bit and Win8.1 are just fine.


Why use Google Chrome though? 


@domroderiguez I'll add this to my topic :)


9 hours ago, LAwLz said:

Not sure if that's sarcasm since you in the other thread posted:

 

but yes, Google did in fact reach out to Microsoft before making any of this public.

 

Google always gives at least 90 days' notice before going public with information about vulnerabilities. As far as I know, they have never made a vulnerability public until after having waited 90 days.

Doesn’t look that way at all.


Not sure why this really matters?

 

Chrome is already spyware.trash.stealing data from everything you do.

 

How is that any different from someone doing so from an exploit?

What do Windows 10 and ET have in common?

 

They are both constantly trying to phone home.

