Bugs identified in major browsers allow Remote System Hijacking

by | January 18, 2021 | Cybersecurity News

Chrome, Firefox and Edge browsers get an update to fix separate bugs that both allow for remote attacks, which could potentially allow hackers to takeover targeted devices.

Firefox’s vulnerability is a use-after-free bug related to how the use of cookies is handled by the SCTP (Stream Control Transmission Protocol). It had an impact on the browser’s memory and allowed hackers to take control of the computers or other devices in use.

In the case of the Chrome browser, it was an out-of-bounds white bug. And because the Google Chromium browser engine provides the base for the latest Edge browser, Microsoft also urged its users to update. In the middle of the research work, comes out the expression “heap corruption” which has something to do with the memory function – it seems that the dynamic memory allocator arbitrarily modifies the memory locations, allowing malicious intervention to happen.

And the story continues with twelve more additional bugs reported.

Check the source.


Read More

by Dan Florian

Product owner and co-founder of ATTACK Simulator. Dan likes to code, is passionate about design, and loves running and swimming.

There’s no reason to postpone training your employees

Get a quote based on your organization’s needs and start building a strong cyber security infrastructure today.