Skip to main content
Tag

Zero day vulnerability

||

Google Chrome Zero-Day Being Weaponized

By NewsNo Comments

Google Chrome Zero-Day Being Weaponized

Google has released Chrome 88.0.4324.150 today, however a zero-day vulnerability has been weaponized with active exploits taking place.

[vc_empty_space]
[vc_single_image image=”185826″ img_size=”full”]

New Chrome Vulnerability Exploited

Google has released Chrome 88.0.4324.150 to the Stable Channel and is impacting Windows, Linux and Mac OS. CVE-2021-21148 has been marked as weaponized with active exploits taking place.

What’s Been Resolved?

CVE-2021-21148: The vulnerability allows a remote attacker to execute arbitrary code on the target system. The vulnerability exists due to a boundary error within the V8 engine in Google Chrome.

A remote attacker can create a specially crafted web page, trick the victim into opening it, trigger heap-based buffer overflow, and execute arbitrary code on the target system.

What’s the Solution?

Upgrade to the latest version of Chrome (88.0.4324.150 or later) using Syxsense Secure.

Syxscore Risk Alert

This vulnerability has a significant risk as this can be exposed over any network, with low complexity and without privileges. Although the latest CVE carries a CVSS score of 8.8 (High Severity) the vulnerability is being weaponized.

  • Attack Vector: Network
  • Attack Complexity: Low
  • Privileges Required: None
  • User Interaction: Required
  • Scope (Jump Point): No
[vc_separator css=”.vc_custom_1552427883977{padding-top: 20px !important;padding-bottom: 20px !important;}”]

Start a Free Trial of Syxsense

Experience the power of Syxsense for free. Our intuitive technology helps you easily predict and remove security threats where you are most vulnerable — at the endpoint.

[vc_btn title=”Start a Free Trial” style=”gradient-custom” gradient_custom_color_1=”#da4453″ gradient_custom_color_2=”#8a2387″ shape=”round” size=”lg” align=”center” link=”url:https%3A%2F%2Fwww.syxsense.com%2Fstart-a-free-trial-of-syxsense%2F|||” css=”.vc_custom_1586908107967{margin-top: 15px !important;}”][vc_separator css=”.vc_custom_1552427883977{padding-top: 20px !important;padding-bottom: 20px !important;}”]
||

New Chrome Zero-Day Under Active Attack

By News, Patch ManagementNo Comments

New Chrome Zero-Day Under Active Attack

Google has released Chrome 86.0.4240.111 to patch high-severity issues, including a zero-day vulnerability being exploited in the wild.

[vc_empty_space]
[vc_single_image image=”185826″ img_size=”full”]

Google Chrome Zero-Day Vulnerability

Google has released Chrome 86.0.4240.111 today to patch high-severity issues, including a zero-day vulnerability that has been exploited in the wild. This is currently impacting Windows, Linux and Mac OS.

The vulnerability (CVE-2020-15999) is a memory-corruption flaw called heap buffer overflow in Freetype, an open-source software development library for rendering fonts included with Chrome.

According to researchers, the vulnerability is in the FreeType’s function “Load_SBit_Png,” which processes PNG images embedded into fonts. It can be exploited by attackers to execute arbitrary code through specific fonts with embedded PNG images.

Patching the Chrome Vulnerabilities

Google released Chrome 86.0.4240.111 as Chrome’s “stable” version, which is available to all users. The company stated that “an exploit for CVE-2020-15999 exists in the wild,” but did not reveal the latest attack details.

Besides the FreeType zero-day vulnerability, Google also patched four other severe flaws in the latest Chrome update.

The following issues have been resolved:

  • CVE-2020-16000: Inappropriate implementation in Blink
  • CVE-2020-16001: Use after free in media
  • CVE-2020-15999: Heap buffer overflow in Freetype
  • CVE-2020-16003: Use after free in printing

Keep Your Organization Protected

Customers of Syxsense Manage and Syxsense Secure can find these updates within the console.

Syxsense allows you to manage and secure vulnerabilities exposed by open ports, disabled firewalls, ineffective user account policies, and security compliance violations from remote workers.

Detecting software vulnerabilities isn’t enough—traditional security scanners only do half the job by identifying and tracking possible vulnerabilities and exposure without eliminating the risk.

With security scanning and patch management in a single console, our vulnerability scanning feature not only shows you what’s wrong, but also deploys the solution. Gain visibility into OS and third-party vulnerabilities while increasing cyber resilience through automated patching and security scans.

[vc_separator]

Experience the Power of Syxsense

Start a trial of Syxsense, which helps organizations from 100 to 100,000 endpoints secure and manage their environment, all from just a web browser.

[vc_btn title=”Start a Free Trial” style=”gradient-custom” gradient_custom_color_1=”#da4453″ gradient_custom_color_2=”#8a2387″ shape=”round” size=”lg” align=”center” link=”url:https%3A%2F%2Fwww.syxsense.com%2Fstart-a-free-trial-of-syxsense%2F|||” css=”.vc_custom_1590698033746{margin-top: 15px !important;}”][vc_separator css=”.vc_custom_1552427883977{padding-top: 20px !important;padding-bottom: 20px !important;}”]
||

Windows 10 Remote Work Bug: Zero-Day Vulnerability

By Blog, Patch ManagementNo Comments

Windows 10 Remote Work Bug: Zero-Day Vulnerability

New patches are available to address a Microsoft zero-day vulnerability, however these updates are not being made available in WSUS.

[vc_empty_space]
[vc_single_image image=”37663″ img_size=”full”]

More VPN Woes Amid Zero-Day Microsoft Vulnerability

With the unprecedented amount of staff working from home, the VPN is now more in demand than ever. Any IT professional whose remote workforce depends on VPN will be concerned about today’s zero-day vulnerability released by Microsoft.

The out-of-band optional update is now available on the Microsoft Update Catalog to address a known issue whereby devices using a proxy, especially those using a virtual private network (VPN), might show limited or no internet connection status.

This should be simple enough, however these updates are not being made available via WSUS, so an alternative method must be adopted this time around.

Users of Syxsense will find the following patches in their console for immediate deployment:

[vc_separator css=”.vc_custom_1552427883977{padding-top: 20px !important;padding-bottom: 20px !important;}”]

Experience the Power of Syxsense

Syxsense has created innovative and intuitive technology that sees and knows everything. Manage and secure your environment with a simple and powerful solution.

[vc_btn title=”Start a Free Trial” style=”gradient-custom” gradient_custom_color_1=”#da4453″ gradient_custom_color_2=”#8a2387″ shape=”round” size=”lg” align=”center” link=”url:https%3A%2F%2Fwww.syxsense.com%2Fsyxsense-trial|||” css=”.vc_custom_1572936982710{margin-top: 15px !important;}”][vc_separator css=”.vc_custom_1552427883977{padding-top: 20px !important;padding-bottom: 20px !important;}”]
||

Google Chrome Zero-Day Vulnerability Under Attack

By Patch ManagementNo Comments

Google Chrome Zero-Day Vulnerability Under Attack

Google has patched a Chrome browser zero-day bug being actively exploited in the wild. The vulnerability affects installations of Chrome running on Windows, Linux, and macOS.

[vc_empty_space]
[vc_single_image image=”37070″ img_size=”full”]

Chrome Under Active Attack

Google has patched a Chrome web browser zero-day bug being actively exploited in the wild. The vulnerability affects installations of Chrome running on Windows, Linux, and macOS.

The zero-day vulnerability, tracked as CVE-2020-6418, has been described as a type confusion issue affecting the V8 open source JavaScript engine used by the browser. Google has credited Clement Lecigne of its Threat Analysis Group for reporting the vulnerability. Lecigne has discovered various vulnerabilities within the past year within Chrome, as well as Internet Explorer.

Government Says Update Chrome

The Cybersecurity and Infrastructure Security Agency (CISA) also posted a bulletin encouraging users and administrators to review the Chrome Release and “apply the necessary updates.”

Technical details of the vulnerability are being withheld pending patch deployment to a majority of affected versions of the browser, according to Google. Memory corruption vulnerabilities typically occur when memory is altered without explicit data assignments triggering function errors, which in turn enable an attacker to execute arbitrary code on targeted devices.

Google Warns of More Vulnerabilities

Google has also warned users of two additional high-severity vulnerabilities. The first (CVE-2020-6407) is an out-of-bounds memory access in streams flaw and the other (CVE unassigned) is a flaw tied to an integer overflow in ICU, a flaw commonly associated with triggering a denial of service and possibly to code execution.

This is actually the third Chrome zero-day to have been exploited in the wild just this past year. Google patched the first Chrome zero-day in March of 2019 (CVE-2019-5786) and then a second in November of 2019 (CVE-2019-13720).

Patches for this zero-day have been released part of Chrome version 80.0.3987.122.

How to Manage Chrome Vulnerabilities

Leveraging a simple and powerful solution with an up-to-date library of third-party products could easily alleviate the issue across organizations. Syxsense provides Chrome updates same-day and allows for an exceptionally smooth process with a Patch Deploy task.

Simply target all devices for the newest update and the pre-packaged detection will determine if devices do/do not require the update. If they require it, the update will be automatically applied and the vulnerability remediated.

[vc_separator css=”.vc_custom_1552427883977{padding-top: 20px !important;padding-bottom: 20px !important;}”]

Experience the Power of Syxsense

Syxsense has created innovative and intuitive technology that sees and knows everything. Manage and secure your environment with a simple and powerful solution.

[vc_btn title=”Start a Free Trial” style=”gradient-custom” gradient_custom_color_1=”#da4453″ gradient_custom_color_2=”#8a2387″ shape=”round” size=”lg” align=”center” link=”url:https%3A%2F%2Fwww.syxsense.com%2Fsyxsense-trial|||” css=”.vc_custom_1572936982710{margin-top: 15px !important;}”][vc_separator css=”.vc_custom_1552427883977{padding-top: 20px !important;padding-bottom: 20px !important;}”]
||

Urgent Firefox Patch Issued for Zero-Day Under Active Attack

By Patch ManagementNo Comments

Urgent Firefox Patch Issued for Zero-Day Under Active Attack

Mozilla is rushing out an urgent Firefox update for a new version of the browser to fix a critical zero-day flaw that is being actively exploited in the wild.
[vc_empty_space]
[vc_single_image image=”36566″ img_size=”full”]

New Firefox Vulnerability Exploited in the Wild

This week Mozilla released Firefox v72.0.1, a new version of the web browser that resolves a vulnerability that has been actively exploited in the wild.

Mozilla stated in a security bulletin on Wednesday that it was “aware of targeted attacks in the wild that were abusing the flaw. A successful attack could make it possible for attackers who successfully exploit it to abuse affected systems,” according to Mozilla.

The recent disclosure came just one day after Mozilla released its latest Firefox 72 browser on Tuesday. The recent release introduced new privacy features along with patching 5 high-severity bugs. The latest release for Firefox ESR (Extended Support Release), designed for easy and large-scale deployments, is version 68.4.1 and also included a number of fixes.

How the Firefox Vulnerability Can Affect You

The critical vulnerability (CVE-2019-17026) impacts IonMonkey, which is a JavaScript JIT (Just-in-Time) compiler for SpiderMonkey, the main component at Firefox’s core that handles JavaScript operations (Firefox’s JavaScript engine).

The vulnerability is a type confusion vulnerability: a specific bug that can lead to out-of-bounds memory access and can lead to code execution or component crashes that an attacker can easily exploit. The attack can be leveraged by luring a Firefox user with an outdated browser to other web pages with malicious code.

“Incorrect alias information in IonMonkey JIT compiler for setting array elements could lead to a type confusion,” Firefox developers stated in a security advisory on Wednesday.

More Bugs in the New Mozilla Release

The major release earlier in the week also tackled a number of bugs. One of the flaws (CVE-2019-17015) is described as “memory corruption in parent process during new content process initialization on Windows.” Others include CVE-2019-17017 for a type confusion vulnerability and CVE-2019-17025 for a “memory-safety bug”.

The new 72 release also entails more cross-site tracking protections instead of dealing with notification request popups, floating video windows, and a control to request that Mozilla deletes the telemetry data collected. “Mozilla decided to hide these notifications after finding 97% of users dismissed them,” reported ZDNet. “Instead of intrusive popups, notification requests will appear as a ‘speech bubble’ in the address bar.”

Firefox 72 relies on a blacklist of companies known to conduct browser fingerprinting and that list is managed by Disconnect.

“Firefox 72 protects users against fingerprinting by blocking all third-party requests to companies that are known to participate in fingerprinting,” explained Mozilla privacy engineer Steven Englehardt. “This prevents those parties from being able to inspect properties of a user’s device using JavaScript. It also prevents them from receiving information that is revealed through network requests, such as the user’s IP address or the user agent header.”

The new version also includes a control to allow users to request Mozilla delete telemetry data as part of its efforts to comply with the California Consumer Privacy Act (CCPA). Mozilla is yet to explain where that control is located in the browser settings, but plans on enabling the feature globally.

Protect Your Environment from Future Zero-Day Vulnerabilities

Syxsense Manage and Syxsense Secure can easily resolve vulnerabilities across your entire environment. Find peace of mind by trusting your Syxsense and set up a free trial today.

[vc_separator css=”.vc_custom_1552427883977{padding-top: 20px !important;padding-bottom: 20px !important;}”]

Experience the Power of Syxsense

Syxsense has created innovative and intuitive technology that sees and knows everything. Manage and secure your environment with a simple and powerful solution.

[vc_btn title=”Start a Free Trial” style=”gradient-custom” gradient_custom_color_1=”#da4453″ gradient_custom_color_2=”#8a2387″ shape=”round” size=”lg” align=”center” link=”url:https%3A%2F%2Fwww.syxsense.com%2Fsyxsense-trial|||” css=”.vc_custom_1573147510616{margin-top: 15px !important;}”]
|

Breaking Patch News: Zero-Day Flaw

By News, Patch TuesdayNo Comments
[vc_single_image source=”featured_image” img_size=”full”]

Patch Now: Microsoft Fixes Zero-Day Flaw

Two major security flaws were addressed in the latest Patch Tuesday update. The first was a zero-day vulnerability that is currently being used in attacks against Russian-speaking users. The second is a response to the new BlueBorne exploit that targets Bluetooth devices.

If you’ve deployed the Patch Tuesday updates for September, you already have these updates. However, if you haven’t already done so, we strongly urge you make this your top priority.

We know Microsoft’s Patch Tuesday bundle can be a real pain and kill your day, but that’s where Syxsense can help. With our maintenance windows and patch queries, you can set automatic tasks to deploy Patch Tuesday Updates every month they are released and schedule them around business hours.

It’s important to avoid a loss of productivity, but it’s also critical to keep your systems free of vulnerabilities by patching. Syxsense allows you to do both. There’s no excuse for not patching your systems and great risk with waiting to deploy updates.

[vc_single_image image=”12852″ img_size=”200×200 px” alignment=”center”]

Equifax Should Have Patched

Another reason to keep up to date on patches; breaches like Equifax. It seems they have tracked down the source of the security breach, a flaw in the Apache Struts Web Framework. This vulnerability was revealed back in March and has an update that fixes it.

It seems this isn’t the end of Equifax’s incompetence, but only the beginning. An unrelated discovery found that Equifax’s Argentinian website had their administrator user/password login to admin/admin. There are not words for how foolish this is.

This is one of the three major agencies charged with tracking our financial lives. It’s important that punishment comes and safeguards are put in place so that something like this never happens again.

To protect and patch your environments, start a trial of Syxsense today.

[vc_separator css=”.vc_custom_1494871528028{padding-top: 15px !important;padding-bottom: 5px !important;}”]

Get Started

Start a free, 14-day trial of Syxsense, which helps organizations from 50 to 10,000 endpoints monitor and manage their environment, all from just a web browser. An email will be automatically sent to the address you provide.

[dt_default_button link=”url:https%3A%2F%2Fwww.staging2.syxsense.com%2Fsyxsense-trial%2F|||” size=”big” button_alignment=”btn_center” icon_type=”picker” icon_picker=”fas fa-angle-double-right” icon_align=”right”]START YOUR FREE TRIAL OF SYXSENSE[/dt_default_button]