ManageEngine x Forrester | Workforce Identity Platforms Landscape Report

Recent AD News

Time to update: Google just fixed an actively exploited zero-day vulnerability in the Chrome browser

Google recently patched a potentially disastrous zero-day vulnerability in the desktop app of the Chrome web browser. The company also acknowledged that the exploit is being actively exploited in the wild.

In the recent release update from the Chrome team, it patched the issue with an update for the Windows, Mac, and Linux app to fix the heap buffer overflow flaw (CVE-2021-21148) in its V8 JavaScript rendering engine.

The fix comes weeks after Google and Microsoft revealed details about a widespread social engineering attack carried out by North Korean hackers. In a report that Microsoft published shortly after the attack, it hinted that the hackers might have leveraged a potential zero-day vulnerability to carry out the attack. On January 24, Mattias Buelens reported the security flaw to Google.

Google’s statement however, doesn’t clarify if the attackers indeed leveraged the vulnerability. The attackers are said to belong to a North Korean state-sponsored hacking group known as Lazarus and were unsuccessful in their attempts to plant a Windows backdoor. Bug fixers at Google had a busy year last 2020, fixing five zero-day vulnerabilities in Chrome. The case was similar this year around, with Google addressing six issues already within the first couple of months.

Related posts
Recent AD News

Chinese hacker group 'Naikon' strikes again: Targets ASEAN nations

Recent AD News

Bumblebee: A new malware loader on the prowl

Recent AD News

FBI issues alert: A lethal ransomware that breached 60 companies

Recent AD News

Israel's Pegasus spyware finds a new target

×

There are over 8,500 people who are getting towards perfection in Active Directory, IT Management & Cyber security through our insights from Identitude.

Wanna be a part of our bimonthly curation of IAM knowledge?

  • -Select-
  • By clicking 'Become an insider', you agree to processing of personal data according to the Privacy Policy.