That's the zero-day that has already been confirmed as exploited by cyber-criminals. According to Microsoft, version 1.49 contains a fix for CVE-2022-2294.
So, I'm very pleased to be able to update this article with the news that Microsoft has already rolled out an update for Edge users. MORE FROM FORBES Microsoft Downplays 'High-Risk' Edge Security Warning For 150 Million Users By Davey Winder A delay of 24 or 48 hours isn't unusual and sometimes has been much longer, and that's time enough for someone to potentially step through that open threat window. I have been relatively vocal in the recent past that these critical updates take far too long to arrive with Edge users. Microsoft Edge is the biggest of these by user number. The same advice applies to users of other web browsers that use the Chromium engine under the hood. Restarting your browser will activate that protection or kickstart a download if not already waiting to be installed. If you tend to keep a desktop browser open for days or weeks on end without shutting down your computer, this doesn't mean an automatic update will actually be protecting you.
Hopefully, your copy of Google Chrome for both Windows and Android should have been updated by now. Remember that you will not be protected until you restart your browser. You can do this by heading for the Help|About option in the Chrome menu, forcing an update check, and automatically downloading and installing it as required.
Windows users are advised to install the Chrome update as a matter of some urgency. "Although we recovered a Chrome RCE, we also found evidence where the attackers specifically checked for visitors using Safari on MacOS or Firefox (on any OS), and directed them to specific links on known exploitation servers," Weidemann said.ĭespite being a reclusive and low-tech regime, North Korea has fostered a prolific hacking operation that has specialized in financial heists and stealing cryptocurrency in operations that can circumvent financial sanctions.Windows users of Chrome need to update right now Davey Winder Specifically, the North Korean attackers were looking to get into the systems of at least 85 different users who were connected to various cryptocurrency platforms.Īgain, the aim of the attackers was to redirect users to a compromised site where an exploit script was executed against the Chrome flaw to install remote access malware.Īccording to Google, however, Chrome was not the only target in those attacks, as other platforms were also exploited. The second attack was focused on the financial sector. From there, the victims would be fed data-seeking malware. Using company names such as Disney and Variety, the hackers used job-seeking emails to bring targets to lookalike domains that would use iframes to install the malware via exploits written into the iframes. The target was not the news content itself, but rather the infrastructure. In the first case, the attackers aimed to target news media and IT companies.
"It is possible that other North Korean government-backed attackers have access to the same exploit kit." "We suspect that these groups work for the same entity with a shared supply chain, hence the use of the same exploit kit, but each operate with a different mission set and deploy different techniques," Weidemann wrote.
102, and rebooting the browser will apply the update for most users.īefore the patch was issued, however, the attackers spent weeks pulling off a number of covert operations between January 4 and February 14.Īdam Weidemann, a researcher with TAG, said that the reclusive authoritarian regime used the flaw to carry out a pair of operations that would boost its government's resources. This would potentially result in remote code execution.
The Chrome zero-day vulnerability, listed as CVE-2022-0609, is a use-after-free bug in Google's browser that allows attackers to place malicious code inside vulnerable memory locations.