Get in Touch
Please get in touch using the form below.
Patch released for exploited Google Chrome zero-day vulnerability
Target Industry
Indiscriminate, opportunistic targeting.
Overview
Google has released a security patch for an exploited zero-day vulnerability, tracked as CVE-2023-2136, which is a high-severity integer overflow vulnerability in Skia, Google’s open-source 2D graphics library.
Integer overflow flaws arise when an operation results in a value that exceeds the maximum for a given integer type.
Impact
Successful exploitation of CVE-2023-2136 could allow a remote threat actor to perform a sandbox escape via a crafted HTML page. This could result in memory corruption and code execution, ultimately leading to target system access.
Vulnerability Detection
Google has released the required security patch for the vulnerability of the respective product version. As such, previous versions are vulnerable to potential exploit.
Affected Products
– Google Chrome prior to 112.0.5615.137
Containment, Mitigations & Remediations
It is strongly recommended that Google Chrome users update to version 112.0.5615.137. It should be noted that this update is only available for Windows and macOS system users. Google has stated that the Linux version will be released in due course.
To initiate the Chrome update procedure, navigate to the “Chrome settings” > select “Help”. select “About Google Chrome”. If this is not performed manually. To complete the update requires relaunching the application.
Indicators of Compromise
No specific Indicators of Compromise (IoCs) are available at this time.
Threat Landscape
Google Chrome has a significant portion of the browser market share. Given that threat actors generally utilise a combination of probability and asset value to determine which attack surfaces to focus on, Google Chrome has become a prime target. Due to the fact that the Chrome browser has become an integral aspect of both personal and business operations, threat actors will continue to exploit vulnerabilities contained within the product in an attempt to extract the sensitive data contained therein.
Google recently released an additional Chrome update which addressed CVE-2023-2033, making this vulnerability the second actively exploited vulnerability in the Chrome browser in 2023.
Threat Group
No attribution to specific threat actors or groups have been identified at the time of writing.
Mitre Methodologies
Tactic:
TA0005 – Defense Evasion
Tactic:
TA0007 – Discovery
Defense Evasion and Discovery Technique:
T1497 – Virtualization/Sandbox Evasion