Overview
On December 16, 2024, the Indian Computer Emergency Response Team (CERT-In) issued a vulnerability note (CIVN-2024-0356) regarding multiple security flaws in Google Chrome for Desktop. These vulnerabilities, rated HIGH in severity, could allow remote attackers to execute malicious code or disrupt the system’s functionality through a Denial of Service (DoS) attack.
Affected Software Versions
These vulnerabilities impact the following versions of Google Chrome for Desktop:
- Windows and macOS: Versions prior to 131.0.6778.139/.140 and 131.0.6778.108/.109.
- Linux: Versions prior to 131.0.6778.139 and 131.0.6778.108.
All end-user organizations and individuals using Google Chrome for Desktop are urged to update their browsers immediately to prevent potential exploits.
Impact of the Vulnerabilities
The identified vulnerabilities can lead to the following risks:
- Remote Code Execution: A remote attacker could execute arbitrary code on a target system using a maliciously crafted webpage.
- Denial of Service (DoS): Attackers can crash the browser or make it unresponsive, causing system instability.
- Sensitive Information Disclosure: Exploitation may allow access to sensitive information stored in the browser.
Detailed Description of the Vulnerabilities
Google Chrome, a widely used web browser across Windows, macOS, and Linux systems, is affected by flaws caused by improper handling of memory during certain operations. Below is a breakdown of the vulnerabilities:
1. CVE-2024-12381: Type Confusion in V8
- Severity: High
- Description: The V8 JavaScript engine, used by Google Chrome to process web content, has a Type Confusion issue. Type Confusion occurs when the browser misinterprets the type of an object, leading to unexpected behavior. This flaw can result in heap corruption when a specially crafted HTML page is executed.
- Reported by: Seunghyun Lee (@0x10n) on December 2, 2024.
- Affected Versions: Google Chrome prior to version 131.0.6778.139/.140.
2. CVE-2024-12382: Use After Free in Translate
- Severity: High
- Description: A Use After Free vulnerability exists in Google Chrome’s Translate component. Use After Free occurs when memory is accessed after it has been freed, leading to unexpected behavior or crashes. Exploiting this vulnerability via a crafted HTML page can cause heap corruption or allow remote code execution.
- Reported by: lime (@limeSec_) from TIANGONG Team of Legendsec at QI-ANXIN Group on November 18, 2024.
- Affected Versions: Google Chrome prior to version 131.0.6778.139/.140.
3. CVE-2024-12053: Type Confusion in V8
- Severity: High
- Description: Another Type Confusion vulnerability in the V8 engine impacts earlier versions of Google Chrome. Exploitation through a malicious HTML page can result in object corruption, potentially leading to system compromise.
- Reported by: gal1ium and chluo on November 14, 2024.
- Affected Versions: Google Chrome prior to version 131.0.6778.108/.109.
How Can These Vulnerabilities Be Exploited?
Attackers can take advantage of these vulnerabilities by luring users to visit a specially crafted webpage. Once the webpage is loaded, it can trigger the security flaws, allowing the attacker to:
- Execute malicious code remotely on the target system.
- Corrupt memory, causing the browser to crash.
- Steal sensitive data or compromise system functionality.
Given the widespread use of Google Chrome, it is critical to address these vulnerabilities immediately.
Solution: Update Google Chrome Immediately
Google has addressed these vulnerabilities by releasing updated versions of Chrome for Desktop on the Stable Channel. The updates are being rolled out gradually, and all users are advised to apply them as soon as possible.
Updated Versions
- Windows and macOS: Version 131.0.6778.139/.140
- Linux: Version 131.0.6778.139
To update Google Chrome:
- Open Google Chrome.
- Click on the three dots (Menu) in the top-right corner.
- Navigate to Help > About Google Chrome.
- Chrome will automatically check for updates and install the latest version.
- Restart the browser to apply the update.
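To confirm across several machines that the update actually landed, the following added example (not part of the original advisory) compares reported Chrome version strings against the fixed builds listed above and returns the CVEs each host is still exposed to. The host names and version strings are constructed, and using the lower build of each pair (.108, .139) as the threshold is an assumption of this example.

```python
import re

# Fixed builds as listed in the advisory. Where it gives a pair of builds
# (.139/.140, .108/.109) the lower one is used as the threshold; that choice
# is an assumption of this example, not a statement from the advisory.
FIXED_IN = {
    "CVE-2024-12053": (131, 0, 6778, 108),
    "CVE-2024-12381": (131, 0, 6778, 139),
    "CVE-2024-12382": (131, 0, 6778, 139),
}
_VERSION_RE = re.compile(r"(?<![\d.])(\d+)\.(\d+)\.(\d+)\.(\d+)(?![\d.])")

def parse_version(text):
    """Return the first four-part version found in text as a tuple of ints."""
    match = _VERSION_RE.search(text)
    if match is None:
        raise ValueError(f"no four-part version in {text!r}")
    return tuple(int(part) for part in match.groups())

def unpatched_cves(version_text):
    """List the advisory's CVEs that the reported version does not yet fix."""
    installed = parse_version(version_text)
    # Tuples compare numerically per component, so build 99 sorts before 108;
    # comparing the raw strings would rank "99" after "108" and miss the host.
    return sorted(cve for cve, fixed in FIXED_IN.items() if installed < fixed)

def audit(inventory):
    """Map each host to its unpatched CVEs, or None when no version was found."""
    report = {}
    for host, version_text in inventory.items():
        try:
            report[host] = unpatched_cves(version_text)
        except ValueError:
            report[host] = None  # no usable version string: follow up by hand
    return report

# Constructed inventory: host names and version strings are made up.
SAMPLE_INVENTORY = {
    "ws-01": "Google Chrome 131.0.6778.99",
    "ws-02": "Google Chrome 131.0.6778.108",
    "ws-03": "Google Chrome 131.0.6778.140",
    "ws-04": "Google Chrome 130.0.6723.117",
    "ws-05": "chrome: command not found",
}

if __name__ == "__main__":
    for host, result in audit(SAMPLE_INVENTORY).items():
        print(host, "UNKNOWN" if result is None else (result or "patched"))
```

A host that reports no parseable version is flagged as unknown rather than treated as patched, so a missing or broken install is not silently counted as safe.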
Security Fixes and Acknowledgements
Google has credited several external security researchers for identifying and reporting these vulnerabilities:
- CVE-2024-12381: Seunghyun Lee (@0x10n) – Awarded $55,000 for discovering the issue.
- CVE-2024-12382: lime (@limeSec_) from TIANGONG Team of Legendsec at QI-ANXIN Group.
- CVE-2024-12053: gal1ium and chluo – Awarded $8,000 for identifying the flaw.
In addition to contributions from external researchers, Google’s internal security teams continue to conduct audits, fuzzing, and other security initiatives to proactively identify and fix vulnerabilities.
Why Prompt Updates Are Crucial
- Rapid Threat Exploitation: Attackers often exploit known vulnerabilities within days of disclosure. Delaying updates leaves systems vulnerable.
- Prevention of Data Breaches: Remote code execution could allow attackers to access sensitive data, including saved passwords and browsing history.
- System Stability: Updating ensures that your browser runs smoothly without crashes caused by these vulnerabilities.
Best Practices for Safe Browsing
In addition to updating Google Chrome, here are some best practices to stay secure:
- Enable Automatic Updates: Keep your browser and software up-to-date.
- Use Security Extensions: Install reliable security extensions to block malicious content.
- Avoid Suspicious Links: Do not click on unknown or untrusted links in emails or messages.
- Enable Site Isolation: Chrome’s Site Isolation feature helps contain exploits.
- Regular Security Scans: Use antivirus software to detect and prevent malicious activity.
- Check Permissions: Regularly review website permissions (e.g., camera, microphone) to limit exposure.
Conclusion
The multiple vulnerabilities identified in Google Chrome highlight the importance of timely software updates to ensure system security and stability. The flaws—primarily Type Confusion in V8 and Use After Free in Translate—can be exploited by attackers to execute arbitrary code, cause system crashes, or steal sensitive data.
All users of Google Chrome for Desktop are urged to update their browsers to the latest stable version (131.0.6778.139/.140) without delay. By applying updates and following safe browsing practices, users can significantly reduce the risk of cyberattacks and ensure a secure online experience.
Source:
- https://www.cert-in.org.in/
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-12382
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-12053
- https://chromereleases.googleblog.com/2024/12/stable-channel-update-for-desktop_10.html
- https://chromereleases.googleblog.com/2024/12/stable-channel-update-for-desktop.html
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-12381
The post Multiple Vulnerabilities in Google Chrome for Desktop: Update to Stay Secure appeared first on Cyble.
Article Link: https://cyble.com/blog/multiple-vulnerabilities-in-google-chrome-for-desktop-update-to-stay-secure/