Last week, the Chrome team warned that attackers were exploiting a zero day vulnerability in the popular browser in the wild. At a high level, Chrome’s FileReader suffers from a memory corruption vulnerability that attackers could exploit to escape Chrome’s sandbox and execute code. The criminals exploiting the flaw are also leveraging a Windows vulnerability as well. Watch the video below for more information about this issue, and make sure Chrome is up to date.
Episode Runtime: 1:31
Direct YouTube Link: https://www.youtube.com/watch?v=CDyTsyfh8Rw
EPISODE REFERENCES:
- Google warns of Chrome 0day – ZDNet
- Wild Chrome exploit also associated with a oday Windows flaw – ZDNet
- Blog post about the Chrome update – Google Blog
- Our written blog post on these new vulnerabilities – Secplicity
—Corey Nachreiner, CISSP (@SecAdept)
Chrome 0day in the Wild – Security Byte