 A vulnerability in the VBScript engine has been used by hackers working for North Korea to compromise systems targeted by the Darkhotel operation. VBScript is available in the latest versions of Windows and in Internet Explorer 11. In recent versions of Windows, though, Microsoft in the default configuration of its browser, making it immune to the vulnerability. There are other methods to load scripts, though. For instance, applications in the Office suite rely on the IE engine to load and render web content. Security researchers from Trend Micro noticed a VBScript vulnerability being exploited in the wild a day after Microsoft delivered its regular updates for Windows in July. Now tracked as CVE-2018-8373, the bug has been addressed in this month's patch delivery. It is a use-after-free memory corruption that allows the attacker to run shellcode on the compromised computer. After analyzing the exploit code, researchers discovered that it shared the obfuscation technique used by exploits for an older VBScript vulnerability also used in the wild and patched in May, CVE-2018-8174. Also known as Double Kill, the vulnerability was reported by experts at Chinese security company Qihoo 360. Get better informed by visiting W10NI.  Google Chrome is without a doubt the most popular internet browser in the world right now and according to third-party data, it holds close to 65% market share. Google Chrome is easy to use and secure. Last year, the search engine giant updated the web browser with a much-needed built-in software that would warn users about incompatible apps. It’s an experimental feature and sometime it could warn users against the apps. The browser began blocking third-party software from injecting into Chrome processes. After restarting, it will allow the injection but it would show a warning that guides the user to remove the software. Over the last few days, in an old Google product forum post, the users have revealed that Google Chrome browser is warning them against legit apps and the warning showed up after the browser crashed. In another thread, users claim that they have received a similar warning. A user on Reddit social media website has also shared a screenshot that shows Chrome browser’s warning in action. According to the Reddit user, the Chrome browser crashed and it launched with the above screen. The issue is not limited to any specific app. By the looks of things, the first few reports appeared back in late June and new reports have surfaced online over the last few days. More on this topic is posted on OUR FORUM.  Google has patched a vulnerability in the Chrome browser that allows an attacker to retrieve sensitive information from other sites via audio or video HTML tags. Ron Masas, a security researcher with Imperva, discovered and reported this issue —tracked as CVE-2018-6177— to Google. The browser maker fixed the security hole at the end of July with the release of Chrome v68.0.3440.75. The vulnerability can be exploited in older versions of Chrome in situations where an attacker can lure a victim on a malicious site, via malvertising (malicious code inside ads embedded on legitimate sites), or via vulnerabilities on legitimate sites where an attacker can inject and execute code —such as via stored cross-site scripting (XSS) flaws. In a write-up published earlier today and shared with Bleeping Computer, Masas explained that the attack scenario requires malicious code that loads content from legitimate sites inside audio and video HTML tags. Through the use of "progress" events, Masas says he can deduce the size of responses he gets from external sites, and guess various types of information. Under normal circumstances, this wouldn't be possible because of CORS —Cross-Origin Resource Sharing— a browser security feature that prevents sites from loading resources from other websites, but this attack bypasses CORS. Full details posted on OUR FORUM. |
Latest Articles
|