Targeted Attacks on Zero-Day Vulnerabilities

11. March, 2019

Google warns of two previously unknown vulnerabilities in Chrome and Windows 7 that are being actively exploited together. Details remain secret in order to protect users.

Two serious vulnerabilities in Chrome/Chromium and Windows allow attackers to infiltrate a victim's system, gain elevated local privileges and subsequently take control of the device. The security update for the CVE-2019-5786 vulnerability in Chrome has already been distributed automatically; Microsoft is still working on a fix for Windows.

Check now: Security Update for Chrome 

Thanks to an automatic update on March 1, many devices have already been updated to the patched version of Chrome (72.0.3626.101 or higher). Please check your browser settings. Updates are usually applied in the background when the browser is closed and reopened. If the update was not applied automatically, click the three-dot menu at the top right of your browser, then click Update Google Chrome and then Restart. If you don’t see this option, you already have the latest version installed. Linux users update Chrome using the package manager. Also check your smartphones and update the app via the Play Store or App Store if necessary. All applications based on Chromium are also likely to be affected.

Google is still holding back details on the serious vulnerability. However, it is a bug in the FileReader API that allows attackers to provoke a memory error and use it to push their own code onto the device and execute it.

Windows: Vulnerability is actively exploited

According to Google’s security blog, anyone who still uses Windows 7 is also at risk. The vulnerability allows attackers to use a null pointer in a Windows kernel driver to escalate their user privileges. In combination with the Chrome vulnerability, it should be possible to break out of the sandbox and take control of the entire system. Google strongly suspects that only Windows 7 is affected and therefore advises its users to update to Windows 10 if possible.

Be sure to enable automatic software updates and restart your devices regularly so that these updates can be installed!
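
For administrators who need to run the two checks described above across many machines, the following is an added example and not part of the original article: a small Python triage over a constructed host inventory that flags Chrome/Chromium builds below the patched version stated on this page and hosts still running Windows 7. The inventory format, host names and finding labels are assumptions made for illustration.

```python
import re

# Patched Chrome version as stated on this page.
PATCHED_CHROME = (72, 0, 3626, 101)
VERSION_RE = re.compile(r"(\d+)\.(\d+)\.(\d+)\.(\d+)")
WIN7_RE = re.compile(r"\bwindows\s*7\b", re.IGNORECASE)


def parse_chrome_version(text):
    """Extract the four-part version from strings such as
    'Google Chrome 72.0.3626.96' or 'Chromium 71.0.3578.98 built on Ubuntu'."""
    m = VERSION_RE.search(text)
    return tuple(int(part) for part in m.groups()) if m else None


def triage(host):
    """Return the findings for one inventory record (hypothetical labels)."""
    findings = []
    version = parse_chrome_version(host.get("browser", ""))
    if version is None:
        # No version recorded: treat as unverified rather than as patched.
        findings.append("chrome-version-unknown")
    elif version < PATCHED_CHROME:
        # Tuples of ints compare numerically, so build 96 sorts below 101.
        # A plain string comparison would get this wrong.
        findings.append("chrome-needs-update")
    if WIN7_RE.search(host.get("os", "")):
        findings.append("windows-7-no-fix-yet")
    return findings


def report(inventory):
    """Map host name -> findings, listing only hosts that need attention."""
    results = {host["name"]: triage(host) for host in inventory}
    return {name: found for name, found in results.items() if found}


# Constructed sample inventory (not real hosts).
INVENTORY = [
    {"name": "ws-01", "os": "Windows 7 Professional", "browser": "Google Chrome 72.0.3626.96"},
    {"name": "ws-02", "os": "Windows 10 Pro", "browser": "Google Chrome 72.0.3626.119"},
    {"name": "ws-03", "os": "Ubuntu 18.04", "browser": "Chromium 71.0.3578.98 built on Ubuntu"},
    {"name": "ws-04", "os": "Windows7", "browser": "Google Chrome 72.0.3626.101"},
    {"name": "ws-05", "os": "Windows 10 Pro", "browser": ""},
]

if __name__ == "__main__":
    for name, findings in report(INVENTORY).items():
        print(f"{name}: {', '.join(findings)}")
```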
