Get in Touch
Patch released for exploited Google Chrome zero-day vulnerability
Indiscriminate, opportunistic targeting.
Google has released a security patch for an exploited zero-day vulnerability, tracked as CVE-2023-2136, which is a high-severity integer overflow vulnerability in Skia, Google’s open-source 2D graphics library.
Integer overflow flaws arise when an operation results in a value that exceeds the maximum for a given integer type.
Successful exploitation of CVE-2023-2136 could allow a remote threat actor to perform a sandbox escape via a crafted HTML page. This could result in memory corruption and code execution, ultimately leading to target system access.
Google has released the required security patch for the vulnerability of the respective product version. As such, previous versions are vulnerable to potential exploit.
– Google Chrome prior to 112.0.5615.137
Containment, Mitigations & Remediations
It is strongly recommended that Google Chrome users update to version 112.0.5615.137. It should be noted that this update is only available for Windows and macOS system users. Google has stated that the Linux version will be released in due course.
To initiate the Chrome update procedure, navigate to the “Chrome settings” > select “Help”. select “About Google Chrome”. If this is not performed manually. To complete the update requires relaunching the application.
Indicators of Compromise
No specific Indicators of Compromise (IoCs) are available at this time.
Google Chrome has a significant portion of the browser market share. Given that threat actors generally utilise a combination of probability and asset value to determine which attack surfaces to focus on, Google Chrome has become a prime target. Due to the fact that the Chrome browser has become an integral aspect of both personal and business operations, threat actors will continue to exploit vulnerabilities contained within the product in an attempt to extract the sensitive data contained therein.
Google recently released an additional Chrome update which addressed CVE-2023-2033, making this vulnerability the second actively exploited vulnerability in the Chrome browser in 2023.
No attribution to specific threat actors or groups have been identified at the time of writing.
TA0005 – Defense Evasion
TA0007 – Discovery
Defense Evasion and Discovery Technique:
T1497 – Virtualization/Sandbox Evasion