Kaspersky reports that highly targeted attacks are using Microsoft Windows and Chrome zero-days
3 years, 6 months ago

Kaspersky reports that highly targeted attacks are using Microsoft Windows and Chrome zero-days

Firstpost  

Experts at Kaspersky, earlier this year, had discovered several highly targeted attacks against multiple companies utilising a previously undiscovered chain of Microsoft Windows and Google Chrome zero-day exploits. The two exploited vulnerabilities in the Microsoft Windows OS kernel were Elevation of Privilege vulnerability CVE-2021-31956 and Information Disclosure vulnerability CVE-2021-31955. While Kaspersky researchers couldn’t retrieve remote execution code for the exploit, they suggested that attackers may have used CVE-2021-21224 vulnerability, related to a Type Mismatch bug in the V8. They also discovered and analysed the second exploit in the Microsoft Windows OS kernel which had two vulnerabilities.

History of this topic

Google fixes fifth –zero-day vulnerability in Chrome’s latest security update
7 months, 1 week ago
Google fixes mulitple vulnerabilities in Android’s security update: Report
1 year, 2 months ago
Why users should update Google Chrome and Microsoft Edge browsers
1 year, 8 months ago
Bug fixes this week | Vulnerabilities in Apple, Microsoft, Google, and Samsung products fixed
1 year, 10 months ago
Over 60 vulnerabilities detected in popular Microsoft products like Windows, Office among others
2 years, 3 months ago
Chrome for Windows and Mac getting an important security fix, Google says update now
2 years, 3 months ago
Google rolls security update for Chrome, fixes zero-day exploit in V8 JavaScript engine
3 years, 5 months ago
Chrome browser for Windows and Mac now receiving the latest update to patch new zero-day bug
3 years, 5 months ago
Microsoft's February Patch Tuesday Update Fixes Windows Zero-Day Vulnerability, 56 Other Critical Bugs
3 years, 10 months ago
Google Releases Chrome Update That Patches a Zero-Day Vulnerability
3 years, 10 months ago
Google patches two actively exploited Chrome zero-day bugs
4 years, 1 month ago
Google Chrome Getting a New Update That Fixes Two Critical Zero-Day Vulnerabilities
4 years, 1 month ago
Google Chrome Gets Second Security Update in Two Weeks That Fixes a Critical Zero-Day Vulnerability
4 years, 1 month ago
Google discloses new zero-day vulnerability in Windows OS
4 years, 1 month ago

Discover Related