Guard against use-after-free vulnerability in Google Chrome FileReader API
Vulnerable Google Chrome before 72.0.3626.121
On March 1st, Google published an advisory for a use-after-free in the Chrome implementation of the FileReader API (CVE 2019-5786).
The exploit leads to code execution in the Renderer process, and a second exploit was used to fully compromise the host system.
Clement Lecigne from Google Threat Analysis Group reported, an Internet attack has been found to exploit the vulnerability in the wild and targeting Windows 7, 32-bit platforms. The vulnerability, in conjunction with Windows win32k.sys kernel privilege escalation vulnerability (CVE-2019-0808), allows the attacker to bypass the Chrome sandbox on the target host to execute arbitrary code.
This vulnerability lets malicious code escape from being identified via Chrome’s
security sandbox, allowing cyber criminals to run malicious code on victim’s machine.
Mitigation (On Host Device):
1. Upgrade your Chrome browser to the latest version
Default installation of Chrome will install updates automatically, and users running the latest version of Chrome are already protected against that bug. To make sure you’re running the patched version, visit chrome://version, the version number displayed on the page should be 72.0.3626.121 or greater.
2. Fix Windows win32k.sys kernel privilege escalation vulnerability
Mitigation (On Network):
1. Deploy advanced protection
With ZyWALL USG or ATP to detect and mitigate the attacks exploiting the flow on the network level.
(1) Content Filter / Botnet Filter
To prevent accessing the malicious link that attacker builds to trigger the vulnerability.
Update to the latest version of IDP signature and then enable the IDP function to protect your host.
2019-08-21: Initial release
- 6.9K All Categories
- 2 Education Center
- 1.4K Nebula
- 34 Nebula Ideas
- 40 Nebula Status and Incidents
- 4K Security
- 203 Security Ideas
- 753 Switch
- 31 Switch Ideas
- 637 WirelessLAN
- 10 WLAN Ideas
- 4.6K Consumer Product
- 105 Service & License
- 224 News and Release
- 76 Stories
- 39 Security Advisories
- 522 FAQ
- 239 Nebula FAQ
- 121 Security FAQ
- 73 Switch FAQ
- 67 WirelessLAN FAQ
- 6 Consumer Product FAQ
- 30 Nebula Monthly Express
- 45 About Community
- 32 Security Highlight