Threat Watch

New Chrome Update Patches Various High-Severity Vulnerabilities

On September 27, Google announced a new Chrome update for Windows, macOS, and Linux. This update patches 20 security flaws, 16 of which were submitted by external threat researchers. Half of these vulnerabilities are use-after-free bugs that were discovered in the following browser components:

  • CSS
  • Survey
  • Media
  • Assistant
  • Import
  • Logging
  • Chrome OS Notifications

Use-after-free vulnerabilities occur when program code references memory after it has been freed; in Chrome's case, a malicious web page visited by the user can trigger the flawed code path. This can cause an application to crash, use unexpected values, or allow for remote code execution, as has been seen in the past in Chrome. Other vulnerabilities patched include a high-severity insufficient validation of untrusted input bug and a medium-severity policy enforcement issue in Developer Tools. Researchers have been paid a total of $38,000 for these vulnerabilities to date.
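To make the use-after-free class concrete, here is a small added example (not code from the article, from Chrome, or from Google): a constructed object pool whose references are generation-counted handles rather than raw pointers. The raw-pointer shape that produces CWE-416 is shown only in a comment, because actually reading freed memory is undefined behaviour; the executable part shows the hardened pattern, where a reference kept past the free resolves to NULL instead of to recycled memory. The pool, the `Node`/`Handle` types and the `demo_stale_handle_is_rejected` check are all assumptions made for illustration.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/*
 * Vulnerable shape (NOT executed here, reading freed memory is undefined):
 *
 *   Node *n = malloc(sizeof *n);
 *   Node *kept_elsewhere = n;   // a second component keeps the pointer
 *   free(n);                    // owner releases the object
 *   use(kept_elsewhere->name);  // CWE-416: dangling pointer dereferenced
 *
 * Hardened shape below: references are (slot, generation) handles. Freeing a
 * slot bumps its generation, so every outstanding handle becomes stale and
 * node_resolve() refuses it rather than handing back reused memory.
 */

#define POOL_SLOTS 4

typedef struct {
    char     name[32];
    int      in_use;
    uint32_t generation;   /* incremented on every free of this slot */
} Node;

typedef struct {
    uint32_t slot;
    uint32_t generation;   /* generation the slot had when the handle was issued */
} Handle;

static Node pool[POOL_SLOTS];   /* constructed fixed-size pool, zero-initialised */

/* Allocate a node; returns a handle with slot == UINT32_MAX if the pool is full. */
static Handle node_alloc(const char *name) {
    for (uint32_t i = 0; i < POOL_SLOTS; i++) {
        if (!pool[i].in_use) {
            pool[i].in_use = 1;
            strncpy(pool[i].name, name, sizeof pool[i].name - 1);
            pool[i].name[sizeof pool[i].name - 1] = '\0';
            Handle h = { i, pool[i].generation };
            return h;
        }
    }
    Handle none = { UINT32_MAX, 0 };
    return none;
}

/* Turn a handle back into a pointer, or NULL if the handle is stale or invalid. */
static Node *node_resolve(Handle h) {
    if (h.slot >= POOL_SLOTS) return NULL;
    Node *n = &pool[h.slot];
    if (!n->in_use || n->generation != h.generation) return NULL;   /* stale */
    return n;
}

/* Free a node; any other copy of the handle is invalidated by the generation bump. */
static void node_free(Handle h) {
    Node *n = node_resolve(h);
    if (!n) return;                      /* double free is rejected, not crashed on */
    memset(n->name, 0, sizeof n->name);
    n->in_use = 0;
    n->generation++;
}

/* Returns 1 when the dangling handle is rejected and the reused slot still
 * serves its new owner correctly; 0 if the stale handle wrongly resolved. */
static int demo_stale_handle_is_rejected(void) {
    Handle a        = node_alloc("first");
    Handle dangling = a;                 /* another "component" keeps a copy */
    node_free(a);                        /* owner releases the object */
    Handle b = node_alloc("second");     /* same slot is recycled */
    Node *stale = node_resolve(dangling);
    Node *fresh = node_resolve(b);
    return stale == NULL && fresh != NULL && strcmp(fresh->name, "second") == 0;
}

int main(void) {
    printf("stale handle rejected: %s\n",
           demo_stale_handle_is_rejected() ? "yes" : "no");
    return 0;
}
```

The detection the resolver performs (generation mismatch) is the same property an address sanitizer or a quarantine-based allocator checks at the memory level; what the handle scheme adds is that the failure mode is a NULL the caller must handle rather than a dereference of recycled memory.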

ANALYST NOTES

Looking at the vulnerabilities in this specific update, many can be exploited to allow for remote code execution. This highlights the importance of effective vulnerability management. Otherwise, these vulnerabilities could allow for initial access into an environment from simply browsing to a malicious web page.

Additionally, this Chrome update highlights the benefits that come with offering a bug bounty program for companies that develop software. Without a bug bounty program, some of the external researchers who reported these vulnerabilities may not have searched for them in the first place. This could have left the bugs undiscovered for a longer period of time, which may have given a malicious actor the chance to discover and exploit them first. By having a bug bounty program, these companies can ensure that their software is secure and cannot be used in supply chain attacks affecting those who use their software.

https://www.securityweek.com/chrome-106-patches-high-severity-vulnerabilities?&web_view=true

https://cwe.mitre.org/data/definitions/416.html