Sunday, 12 June 2016

Google Fixes A High-Severity Browser PDF Vulnerability in Chrome

Google patched a high-severity vulnerability in the Chrome browser which allows attackers to execute code on targeted systems using a PDF exploit.
It was Cisco researchers who figured out that a specially crafted PDF document with an embedded jpeg2000 image file within Google’s Chrome default PDF viewer ( PDFium ) keeps users at high risk.
The attack can be performed with ease by the attacker. The vulnerability can be used by attacker in such a way that he places a malicious code inside the PDF file and place it in a website. Then victims are redirected using phishing emails or even malvertising, according to the  Cisco Talos team. They gave a technical description of the vulnerability publicly disclosed on Thursday.
The information on the bug was reported to Google on May 19 and Google managed to ship an updated version of Chrome (51.0.2704.63) on May 25 which fixed the flaw in the browser. Usually Google updates browser code automatically, but if the updates are to be installed users must restart their Chrome browser.
According to the Common Vulnerabilities and Exposures description, the vulnerability is classified as a high-risk and heap-based buffer overflow vulnerability. The flaw is present in the Chrome before he update 51.0.2704.63.
All git versions in the open source community which used PDFium are also vulnerable, according to Cisco Talos. Foxit Software, which developed the PDF rendering engine which is vulnerable in Chrome browser, also patched its git PDFium version at the same time, Cisco Talos said.
The PDFium component  was added to the Chrome browser by Google in 2014 as part of its open-source software library project. It’s not clearly known for how long the PDFium vulnerability has existed or if it has been exploited in a real world attack.
According to a Google blog post, the PDFium exploit (CVE-2016-1681) was discovered by a researcher from Talos called Aleksandar Nikolic who was awarded $3,000 for the discovery through Google’s bug bounty program, according to a Google

No comments:

Post a Comment