Make sure you update Google Chrome!! YOU ARE AT RISK

[BeefYT]

Couple days ago Google released an emergency security update for Google Chrome after another Zero Day exploit was published. 

If you wish to research a bit more on what the vulnerability is you can search CVE-2022-4135. This is the 8th Zero Day this year. 

 

The security risk: 
Attackers are able to execute and manipulate the file path that Chrome takes. This can lead to memory leaks and potential for Remote Code Execution which can lead to your entire system being exploited. 

 

These are the chrome versions you want to be at now: 
version 107.0.5304.121 for macOS and Linux

version 107.0.5304.121/.122 for Windows

 

If you are running any other browser you are advised to make sure they are updated which most will over the next week. 

 

Attackers will take advantage of this exploit it's incredibly easy to execute. 

 

I have tinkered with the vulnerabilty a little bit to see what it does and it took me 10 minutes to own another machine on my local network. This vulnerability is classed as being actively exploited.

 

Updating: 

Chrome on the top right hand corner will display an update symbol click it and update.

 

Make sure you have automatic updates on. This is googles quick fix release. Another vulnerabilty will more than likely come up in the next week or so. 

 

 

If i get hold of any more information ill post it here. 

 

 

Beef

Offensive Cyber Security Engineer & Penetration Tester

[RedBaird]

I clicked on the About Chrome in Settings and it did this:

 

Updating Chrome (66%)

Version 107.0.5304.107 (Official Build) (64-bit)

 

Then it did :

 

Nearly up to date! Relaunch Chrome to finish updating.

Version 107.0.5304.107 (Official Build) (64-bit)

 

They gave me a slightly different version from the 

 

"version 107.0.5304.121/.122 for Windows" in @BeefYT's post.   I have Windows 10 pro, version 10.0.19044 Build 19044.

 

 

Edited November 28, 2022 by RedBaird
versions

[BeefYT]

2 minutes ago, RedBaird said:

I clicked on the About Chrome in Settings and it did this:

 

Updating Chrome (66%)

Version 107.0.5304.107 (Official Build) (64-bit)

Hello mate, 

After that update. You may get another pop up for the update. You are quite a way behind and .107 

 

Best thing to do is turn on auto updating. ALT + F4 while on Chrome. 

CTRL + ESC (Task manager) 

Scroll through processes make sure you have completely killed Chrome. 

Restart Chrome. The Boot up script will execute which triggers auto update scripts. 

 

[RedBaird]

I got the update and closed Chrome.

 

The TaskManager | Processes only shows Google Crash Handlers running right now.  ( I have a TaskManager link on the Taskbar, just so I can "look at stuff".) 

 

Starting Chrome up again gave me the same 'updated' version as above.

 

Hmmm : " Chrome checks for new updates regularly, and when an update is available, Chrome applies it automatically when you close and reopen the browser. "

[GHARIB]

I confirm the information.

 

UPDATE chrome ASAP !

 

[RedBaird]

15 hours ago, BeefYT said:

CVE-2022-4135.

 

Are You Kidding Me? 😄  "Heap buFFer overflow in the GPU?"  OMG+LMAO!

 

Quote

NVD - CVE-2022-4135
Description Heap buffer overflow in GPU in Google Chrome prior to 107.0.5304.121 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page

 

Edited November 29, 2022 by RedBaird
buffer, not buTTer!

[BeefYT]

Yeah... For this day and age for a overflow exploit to still work is shocking. People will take advantage of it was just lucky Google actually picked it up first rather than someone else. 

 

Well thats as far as we are aware someone may have known about it and just kept quiet. Every hacker has a card up his sleeve. 

[Snuffs99]

4 hours ago, RedBaird said:

 

Are You Kidding Me? 😄  "Heap butter overflow in the GPU?"  OMG+LMAO!

 

 

 

 

😄😄 😄 

 

LMFAO, should have gone specsavers mate....... its buFFer not buTTer

[Vindstot]

I dont use Chrome (only very rarely), but I also did the update

 

Thanks for the warning!

[BeefYT]

7 hours ago, Vindstot said:

I dont use Chrome (only very rarely), but I also did the update

 

Thanks for the warning!

It's incredibly likely that other browsers will be effected by it. Just be a case of different vectors and paths compared to Chrome.

 

None the less it's why its so important to just update everything consistantly. 

 

And if the dev no longer supports it get shot of it. 

Edited November 29, 2022 by BeefYT

[RedBaird]

21 hours ago, RedBaird said:

potentially perform a sandbox escape via a crafted HTML page

 

"What is the difference between a sandbox and a sandbox escape?

 

The computer that houses the sandbox (with guest) is called the host. A sandbox escape is any type of exploit that allows the guest process to break free of the constraints of the sandbox, and access the host and/or outside world resources directly. The sandbox provides a constrained interface (shell) for the guest to operate in."  

 

// An untrusted process 'breaks out of jail' and can then cause damage to the wider world inside the computer system. //

[GHARIB]

39 minutes ago, RedBaird said:

The computer that houses the sandbox (with guest) is called the host. A sandbox escape is any type of exploit that allows the guest process to break free of the constraints of the sandbox, and access the host and/or outside world resources directly. The sandbox provides a constrained interface (shell) for the guest to operate in."  

 

It has been the case this year with Firefox / Firebird

The  vulnerability  CVE-2022-1529 (before version < 100.0.2  / <100.3 for android / < 91.9.1 for Thunderbird)

I can't share here the details because not disclosed and not the right place 😛

An attacker could have sent a message to the parent process where the contents were used to double-index into a JavaScript object, leading to prototype pollution and ultimately attacker-controlled JavaScript executing in the privileged parent process. 🤢

 

We call this "Javascript sandbox-escape vulnerabilities "

 

54 minutes ago, BeefYT said:

None the less it's why its so important to just update everything consistantly. 

 

Yes!

Don't listen some "lazy" IT guys who sometimes advice people to not update the devices yet and wait longer to check if the update "works nicely".....

 

NO!

 

A simple device should be ALWAYS updated immediately.

 

A system or network admin should also always look for patches and the impact on their networks.

 

When an UPDATE is available, it is because a security researcher has found vulnerabilitie(s).

 

Sometimes we feel ourselves in security, and we say "why someone would do this to me?"

But trust me, the whole web is grabbed, each device connected and incorrectly configured or not updated could be compromised.

 

Edited November 29, 2022 by GHARIB

[BeefYT]

43 minutes ago, GHARIB said:

It has been the case this year with Firefox / Firebird

The  vulnerability  CVE-2022-1529 (before version < 100.0.2  / <100.3 for android / < 91.9.1 for Thunderbird)

I can't share here the details because not disclosed and not the right place 😛

An attacker could have sent a message to the parent process where the contents were used to double-index into a JavaScript object, leading to prototype pollution and ultimately attacker-controlled JavaScript executing in the privileged parent process. 🤢

 

We call this "Javascript sandbox-escape vulnerabilities "

 

 

Yes!

Don't listen some "lazy" IT guys who sometimes advice people to not update the devices yet and wait longer to check if the update "works nicely".....

 

NO!

 

A simple device should be ALWAYS updated immediately.

 

A system or network admin should also always look for patches and the impact on their networks.

 

When an UPDATE is available, it is because a security researcher has found vulnerabilitie(s).

 

Sometimes we feel ourselves in security, and we say "why someone would do this to me?"

But trust me, the whole web is grabbed, each device connected and incorrectly configured or not updated could be compromised.

 

 

Why we make money mate and quite a bit for it because people will comprimise anything and everything in this day and age to make money. 

[BeefYT]

Chrome have launched another update to properly patch CVE-2022-4135. 

 

Make sure you update and you are on version: .123 for windows or .122 for macOS and Linux. 

 

PS: That should be the end for CVE-2022-4135 until about 2-3 months time when .123 is vulnerable... 

[RedBaird]

22 minutes ago, BeefYT said:

version: .123 for windows

 

My Windows 10 Chrome just updated to "Version 108.0.5359.95 (Official Build) (64-bit)"