The injected script then checks if iteration of Google Chrome installed in the system is of version 65 or later. This gives the attacker multiple code execution scenarios and a chance to the host system.
“The finding of a new Google Chrome zero-day in the wild once again demonstrates that it is only collaboration between the security community and software developers, as well as constant investment in exploit prevention technologies, that can keep us safe from sudden and hidden strikes by threat actors,” said Anton Ivanov, a security expert at Kaspersky.
He noted the detected exploit held similarities with the erstwhile Lazarus attacks, and that the profile of targeted users was similar to that of previous false flag attacks. To safeguard against the vulnerability, users are advised to install the software patch provided by Google and update all enterprise used at home and work.
For professional networks, corporate-grade security solutions are recommended. Security products that offer endpoint protection are recommended for personal use.
Offline Location Tracking For iPhones, Speedometer In Google Maps: Features That Will Chang...
Hardware and software go hand in hand when it comes to the technology that we use. But software can move much faster, which is why we see a lot of companies focusing on delivering new features over the air via updates. Karan Bajaj talks about some of the new things with the maximum impact.
- Massive spying on users of Google's Chrome shows new security weakness
- 8 must-have Google Chrome extensions
- VMware to enable customers manage Google's Chrome devices
- Using Google Chrome as your preferred browser? Think again
- Google Chrome just got a lot faster
- 13 Google Chrome hacks that will change the way you use internet